Companies are more vulnerable than ever to Reputational Harm. Can insurance help to mitigate this risk?
In the interconnected world in which we all operate, it is common place for the actions of a specific company to be scrutinised within minutes by the media, whether warranted or not. The ensuing damage to the company’s reputation can be significant and can result in a loss of customers, increased costs and ultimately, a reduction in income.
Good reputations can have a significant impact on a company in many ways. People want to work for good companies, so a strong brand can attract the best talent. It also allows companies to charge more for their products or services, thus impacting on the bottom line. Customer loyalty is also more sticky when brands are strong. Even the stock market valuations can be affected by a strong brand, giving the markets a positive assessment of long-term growth, earning multiples and even affecting the cost of capital.
With many company valuations built on intangible assets, companies are more vulnerable than ever to anything that damages their reputations. Therefore, many companies now unsurprisingly rank reputational damage as their number one risk. As cyber related crime is on the rise, this ranking seems more than justified. But it is not only third party miscreants that can cause damage to a company’s brand: employees and senior business leaders through their words and deeds can also cause companies to lose face.
In the days before the internet, comments made in public by company officials or (ex) employees seldom made headline news or were reported beyond regional boundaries. This has changed. With the advent of Social Media, the potential for seemingly ‘innocent’ tweets or disgruntled posts to reverberate internationally, has grown exponentially. Consider the ‘pain’ imncurred by Uber recently when social media users started posting “#deleteUber” messages online in response to its alledged NYC Taxi strike breaking tactics.
Similarly, should a network security breach occur, the confidence in an organisation can be negatively impacted and the ensuing reputational harm can be significant. The simple action of notifying a potentially affected customer or the announcement by a regulator of an investigation or a fine being levied, can cause damage to a company’s brand value. If the company executives are not ‘upfront and up to date’, this can also negatively impact on the brand and its value. TalkTalk’ s initial response to their data breach highlighted a lack of preparation. Their communication was poor and TalkTalk’s CEO Dido Harding was criticised for the way he communicated with the public and his apparent lack of knowledge regading the quantum of the breach.
It is important for organisations of every size to take a proactive approach to brand risk management. Whether this is through education of employees, preparing in advance your stakeholder engagement in the event of a data breach or ensuring that that you have strong ‘take-down’ and posting procedures on company media platforms, it is key to take this matter seriously. Network security, company social media policies and procedures, business continuity and communication planning and the like, must all be regularly reviewed.
From an insurance perspective, there are a number of insurance carriers that will provide Reputational Harm coverage to insureds as part of their Cyber risk solution. The wordings available are quite broad and ever evolving. The coverage will pay for any Income Loss, Increased Cost of Working and /or PR expenses incurred during the ‘reputation indemnity period’ which is as a result of a Data Protection Breach Report. This is widely defined as a communication (in many different forms) that is made freely available to the general public which causes a negative perception of/or harm to the insured’s reputation.
The trigger for the policy can be an identity theft, or sensitive information being taken, or a regulatory investigation being undertaken. Even something like a bank reporting suspicious activity can have a negative impact on brand, and again the policy will respond. Insurers in the main are still behind the curve with underwriting intangible assets such as Reputational Harm. There is still limited cover available in standard Cyber insurance, but over the next few years Insurers will likely innovate and expand coverage into a wider scope of intangible assets.
As this is a nascent risk area, it is important to seek expert advice when seeking insurance in this regard. This type of emerging risk is what Safeonline does best and we can help businesses find the right insurance to fit their business model. For more information, please contact firstname.lastname@example.org