One of the most successful investors in the 20th century, and CEO of a global giant Berkshire Hathaway once said: “It takes 20 years to build a reputation and just five minutes to ruin it. If you think about that, you’ll do things differently.”

While often known for his enormous wealth, you can’t ignore his businesses sense and his intense desire to fully understand the inner workings of the companies in which he invests.

And it’s not unrealistic to conclude that part of this ‘understanding’ process includes a review of the company’s brand.

A strong reputation has the potential to be your largest asset, but just one crisis could irrevocably tarnish your image and ruin your business.

According to a recent survey from Deloitte, the largest professional services network in the world, 87% of business executives believe that reputation is their largest risk area, and only 19% of respondents think their business is adequately protected.

In order to be prepared, you need to identify and mitigate the potentially devastating risks to your business’s reputation.

The many forms of reputational risk

The damage to a business’s reputation is often the result of other risks. For example, a cyber attack that disrupts your business operations may not generally be considered a risk to your reputation.

However, an extended disruption, or the release of sensitive information, could cause customers to think less of, or even distrust your business and its products.

Protecting your business through proper coverage

Unfortunately in business, there’s always a risk of situations in which your reputation has the potential to be tarnished.

However, preparation is key when it comes to what you can do to protect that reputation.

To start, you need to identify potential risks and have a plan for mitigating those risks.

As a business owner, you will likely have a General Commercial Liability Insurance policy, which will cover many of the risks businesses face regarding injuries caused or property damaged.

However, one of the fastest growing risks to a business’s reputation is a cyber attack or data breach. And when they occur, they can become very costly and complex, very quickly, for any business.

As the amount of information stored and transferred electronically continues to increase, so will the need for a separate Cyber Liability Insurance policy.

Why do I need a separate Cyber Liability Insurance policy?

In an age where a stolen laptop or hacked account can instantly compromise the personal data of thousands of customers, or an ill-advised post on a social media site can be read by hundreds in a matter of minutes, protecting yourself and your reputation from cyber liability is extremely important.

Cyber Liability Insurance is specifically designed to address the risks that come with using modern technology, as these types of exposures are not typically covered under a General Liability policy, and the expenses can become extremely costly.

Some examples of possible exposures include:

  • Data breaches
  • Intellectual property rights
  • Damages to a third-party system
  • System failure
  • Cyber extortion
  • Business interruption

The level of coverage your business needs is based on your individual operations and can vary depending on your range of exposure. It’s important to work with an Insurance Advisor that can identify your areas of risk so a policy can be tailored to fit your unique situation.

Cyber liability insurance can include:

  • Data breach/privacy crisis management: Expenses related to the management of the situation, any investigations that may be involved, remediation, notifications to customers, call management, credit checking for customers, legal costs, court attendance and regulatory fines.
  • Multimedia/media liability coverage: Expenses related to third-party damages including defacement of a website and intellectual property rights infringement.
  • Extortion liability coverage: Losses due to a threat of extortion and any professional fees that are related to the extortion.
  • Network security: Third-party damages as a result of denial of access, costs related to data on third-party suppliers and costs related to theft of data on third-party systems.

How to maintain your reputation after an attack

In the unfortunate event that your business is the victim of a cyberattack, the way you respond will determine whether or not you can salvage your reputation.

It’s important to remain sincere in your apology, and be open and transparent about the incident during your attempt to remedy the situation.

Curious about what you can do to prevent Cyber Crime?


5 tips to retain your reputation after an attack:

1. Tell your story promptly

You want to be the one in control of the story to the public. If you react only after the story makes headlines, then you’re too late. And, if you attempt to stay under the radar during or following a crisis, it will only cause negative attention to linger.

Once the details of the attack have been confirmed, it’s important to share those details with your staff, followed by any stakeholders and the public. Continue to provide updates as information becomes available, as you want to be leading the story, not reacting to it.

2. Apologize right away

Include a message on what your organization is doing to rectify the situation.

Your apology will hold more weight if you reveal what happened, what you are doing about the breach and how you intend to prevent such an incident from happening again. Delays will only increase stakeholder and public suspicion.

3. Transparency is key

Any attempt to cover up or mislead stakeholders could result in permanent damage to a business’s reputation.

Communicating openly and honestly, as well as proactively, about the situation will help maintain and build the business’s credibility.

4. Tailor your messages to different audiences

When it comes to the content of your message, a generic message will not suffice. Each group will have different concerns and needs, and those need to be addressed through a carefully-crafted response.

5. Help your customers

You need to take the lead, and provide any assistance your customers need in dealing with the repercussions that may have resulted from the breach, which will help maintain your relationships. For example, set up a customer service line for them to call with questions and concerns.


The process of maintaining or rebuilding your reputation after an attack could be extremely costly. Notifying customers, keeping them updated about the situation and helping them deal with repercussions of the breach while expensive, are absolutely necessary to protect your reputation.

In addition to remedying the situation, there are costs that could be incurred through class-action lawsuits, business downtime, lost business and more. These types of expenses could all be covered under a Cyber Liability policy.

Limit your risks and protect your reputation

It’s inevitable that every business will experience some form of reputational damage, but there are ways to limit your exposures and to cover losses.

The level of coverage your business needs is based on your individual operations and can vary depending on your range of exposure. It’s important to work with an Insurance Advisor that can identify your areas of risk, and customize a policy to fit your unique situation.

If you’d like additional information and resources, we’re here to help you analyze your needs and make the right coverage decisions to protect your operations from unnecessary risk.  You can download a free copy of our eBook, or if you’re ready make Cyber Liability Insurance a part of your insurance portfolio, Request a Proposal and we’ll get to work for you.