Clorox Cyber Attack: Service Differentiation and Real Value

$25 million.

That’s how much Clorox has spent responding to a suspected ransomware attack, as reported by the Wall Street Journal. Total losses are still being calculated and will significantly impact earnings.

Some of these losses may be offset by cyber insurance, which Clorox indicated that it had purchased, likely through the foresight of a CISO (chief information security officer) or a consultant from a top-tier firm.

What about the countless thousands of smaller but still substantial companies who are vulnerable to similar threats but that may not have the staff, resources, or foresight to purchase cyber insurance?

How could you fill this void?

• If you provide insurance services to SMBs (small and medium businesses), you could gain the necessary accreditation to offer cyber insurance as part of your business coverages.
• If you provide any kind of tech, data, ops-related, or certainly security-related services, you could educate yourself on cyber insurance and make informed recommendations to your prospects and clients.
• Even if you offer HR-related services, you could potentially share your POV regarding cyber insurance with clients, since breaches of employee-related data could potentially bring significant liabilities

This leads me to two core principles for new consulting and service businesses that I continually emphasize:

• Bring enterprise-level services to SMBs
• Differentiate from your competitors by introducing a unique or innovative aspect to your service offering

Which leads me to an even more fundamental principle:

• Add real value

Just think if your consultancy was the one that recommended an insurance policy that saved your client from going bankrupt after a cyber attack.

This, of course, is one very specific example, but in the context of the service that you offer to the world: how can you be a hero?