Organizations across both public and private sectors remain alarmingly unprepared to effectively communicate data breaches to the public, heightening the risk of reputational damage and eroding consumer trust, warned Data Protection Commissioner Lisa Greaves on Tuesday. Speaking at a workshop titled ‘Human-Driven AI: Powering Communication Excellence,’ hosted by the International Association of Business Communicators (IABC) Barbados Chapter, Greaves emphasized the critical need for transparency and proactive measures in handling cybersecurity incidents. Despite the increasing frequency of data breaches, response strategies remain inconsistent and inadequate, she noted. Greaves highlighted the lack of transparency in Barbados, particularly in informing customers and clients about breaches and managing communication effectively. She cited the 2012 Target retail chain breach in the U.S., where a third-party vendor compromise led to significant reputational fallout due to poor communication. Greaves warned that government agencies are equally vulnerable to such risks, with several recent cyber incidents underscoring the importance of reputational management. She stressed the necessity of employee training, learning from past failures, and having pre-planned communication strategies in place. Under the Data Protection Act, breaches must be reported within 72 hours of discovery. Greaves urged organizations to involve communication specialists in their plans to dispel rumors and reassure the public. She also emphasized the immense value of data and the need for robust security investments, stating, ‘Data makes people billions of dollars a day. That’s the kind of security that has to be around data, because data is that powerful.’