So you got hit by a data breach, an all too common occurrence in today’s security environment. Who gets hit? Odds are you will say the customer. After all it’s their Personally Identifiable Information (PII) that was lost. Maybe their credit card or social security number or patient records were compromised. But pause a moment and consider the hit on the company itself. The hit includes attorney fees, lost business, reputational damage, and system remediation costs.
They deserve it, you say? They were negligent and must suffer the consequences. But spare a thought for the individuals on the “front line,” defending their organizations against the entire world of cyber criminals. They are victims, too. And it may not be a lack of diligence or due care on their part either. In the meantime they may experience the same disappointment and grief as a customer whose data is compromised. They are confused. They may feel a lack of focus and confidence in themselves. They may have sleepless nights and an increased level of anxiety. Not very different than a caregiver to a sick patient.
As in the patient/caregiver scenario, all the attention is focused on the patient. Consider this excerpt from American Nurse that says, “While nurses may not suffer the same way patients do, we experience pain, frustration, lack of resources, and many other forms of suffering when delivering care to patients and their families. In our highly regulated healthcare environment, administrators commonly view nursing as the highest cost center instead of a revenue generator. Typically, nursing is factored into room and board on the patient’s bill.”
This will sound eerily familiar to the IT staff on the front line of responding to a data breach.
How can you help?
- Acknowledge their pain and anxiety; show that you understand
- Coordinate care; be there for them in a continuous way
- Get them help; outside experts who deal in incident management
- Conduct a lessons learned; an excellent way to beef up skills on the team is to consider co-sourcing certain responsibilities
The next time you hear of a data breach, spare a thought for the IT Security team at the front line; after all they are victims, too.