How You Can Deal With Data Breaches As An Event Planner

Today, we’re going to tackle a topic that might at first seem like it doesn’t quite fit the Tweetwall blog – information security.

See, in a recent piece on upcoming trends in the event planning industry, one of the points I mentioned was the fact that, as we move through 2015, event management professionals are going to increasingly become the target of cyber-crime.  There are many reasons for this, but the chief among them is the fact that – like every other industry – event management is becoming increasingly digitized. We’ve cloud platforms that assist with planning and registration, mobile collaboration apps that keep volunteer teams working together effectively, and a whole ton of connected gadgets and devices feeding data to their respective apps.

In short, for the right hacker, the event industry is an absolute gold mine. Registration systems in particular are likely to be a favored target, primarily because they deal with financial and personally-identifiable information. Naturally, you want to do whatever you can to keep the data stored within such systems safe.

Unfortunately, it’s not always that simple. Sometimes, in spite of your best efforts, someone’s going to mess up, and you’re going to have a data breach on your hands. Mishandle it, and you could – in the worst case scenario – wind up like Target.

Let’s talk about how you can avoid that, shall we?

Don’t Panic – Be Efficient And Transparent

The first piece of advice I’ll give you is not to panic – once you’ve been made aware that a breach has occurred, don’t immediately make a public announcement. Investigate first. Find out precisely what caused the breach, and what data was lost or stolen as quickly as possible.

The reason for this is simple – people have this weird tendency to let their imaginations run wild when they’re given partial or incomplete information. If you tell everyone that a breach has occurred without knowing precisely what information may have been lost, then plenty of folks are going to immediately assume the worst, regardless of what actually happened. I needn’t explain why that’s a bad thing for your firm.

That said; you shouldn’t delay your investigation, either. Find out precisely what caused the breach and what data was lost or stolen as quickly as possible. The sooner you know that, the sooner you can go public – and start making amends for anything that was compromised.

Oh, one more thing? While it might be tempting to simply sweep the breach under the rug – nearly a third of businesses do – this is in actuality one of the worst things you can do. Once the breach is eventually made public, the consequences of covering it up will be far more severe than if you’d just told everyone about it in the first place.

In short…communicate. Be open and honest with them. Tell them what happened, what you’re doing about it, and what you’re going to offer anyone who was adversely affected.

Own Up To What Happened – And Offer Reparations

Once you’ve figured out that there was a breach, and determined who was impacted, your next step is to work out how you’re going to make it up to them. This could take a number of different forms – free tickets to your next few events, free room and board at one of your conferences, or even a cash settlement. It doesn’t really matter all that much what you offer, so long as you’re sincere in your apology.

Yeah, people aren’t going to be happy. That’s a given. But they’ll be even less happy if you don’t take responsibility for the breach.

Make Sure It Won’t Happen Again

Last but certainly not least, once you’ve dealt with all the clerical stuff and communicated to everyone what’s happened, you’re going to need to take measures to ensure that whatever caused this breach won’t cause another one. If it was due to a careless volunteer misplacing a phone, educate your partners and staff. If it was the result of a vulnerability in a network or VPN, patch it. Basically, do your homework to protect yourself – or you’ve only yourself to blame if you’re compromised a second time.