"Developing relationships with the security team, identifying first responders from marketing and other groups, and identifying a crisis communications external agency before you need them are all good places to start. You don't want to build all those relationships at 2am in the heat of a disaster."
The concept of having an incident response team that includes marketing and public relations executives in prominent roles is gaining favour, especially as the attack against Target actually generated more damage from the company's messy response than from the hack itself.
Bergman says brands are advised to think about their response to a hack in a similar way to how they might handle a product recall.
"If it is done badly it will erode customer loyalty and trust faster than the incident itself," Bergman says. "It is not about the loss of customer records or the financial damage, how you react and respond to it, and how the general population sees you react and respond to that, has a bigger impact on your brand than the actual incident."
He cautions many brands may have no choice about taking cybersecurity more seriously, should the Australian Government introduce proposed legislation for mandatory reporting of cyber breaches.
For many, that means a lot of work has yet to commence. Ruchatz recommends one of the first steps for marketers should be to engage in a dialogue with IT to negotiate service-level agreements for security and availability. This should be a two-way conversation, with IT explaining which systems are critical to customers and marketing, and marketing explaining which data is most critical for its operation and sensitive to its customers.
This also means marketers understanding what the recovery options are from a breach, in terms of how often backups are taken and how quickly they can be restored.
"Right now, most companies haven't really cared for this in a way that they have a reliable service-level agreement or even something they could promise to their end customers, so they try to avoid that topic and exclude it from the marketing message," Ruchatz says.
Getting the support of the board
Another path of action is to raise the topic of cybersecurity and brand damage at higher levels in the organisation. Chief executive officer at the Australian Information Security Association (AISA), Arno Brok, says cybersecurity is an issue that should come from the top of the organisation down.
"It is not an IT problem," he says. "The IT guys will do their best, but at the end of the day they have limited resources and limited capabilities.
"The business has to drive it. If the CEO, CFO and the whole board actually understand cyber risk, and they understand that they have to have a plan in place, it should be a business driver to do better security. People should think much more from a business sense, rather than 'what happens if we get breached?'