Cyber Crisis Communications: How to Communicate during a Cyber Attack?
Date: 30 May 2024
Your response in the Golden Hour of a Cyber Attack can significantly decide its impact on your business. And how you communicate determines how secure your brand reputation will be. It can also help you save face with regulatory authorities, besides ensuring business continuity.
Effective crisis Communications in the midst of a cybersecurity incident is critical today. Transparent and coordinated communication with all stakeholders is central to effective cyber incident response. New regulations such as the EU Digital Operational Resilience Act also place tremendous importance on this crucial aspect of cyber resilience.
But what does effective Cyber Crisis Communication entail? How do you ensure that you’ll be able to communicate effectively when an incident occurs?
How will you appease all the stakeholders impacted? Will you be able to manage the narrative when the media is hounding you for comment? That’s what we intend to explore in this article.
Topics Covered:1. What is a Cyber Crisis Communications Strategy?
2. How do you ensure effective Crisis Communication during a cyber attack?
What is Cyber Attack Crisis Communications?
While the term is pretty much self-explanatory, the importance of Crisis Communications is often lost on many businesses. Go back in time just a little with our Cyber Attack Timelines. You’ll find several examples of businesses which entirely overlook making timely statements as part of their incident response processes. You’ll also find those that manage to rub the media and customers the wrong way with their communications.
Honest transparent communication about a cybersecurity event, whether it affects a few staff or thousands of customers, can greatly influence your reputation. Concealing important details, using cliches, pinning the blame on users for being negligent, are all surefire roads to a PR disaster.
It’s also important to remember that restoring affected systems and resuming operations post incident is never enough. Effective incident response means understanding that the incident may not be over just yet. In the immediate aftermath of the incident, you have no idea of how things may unfold over the long term.
Many cyber attacks, especially where ransomware gangs are involved, end up looking like convoluted plots of a crime potboiler. It’s wise, therefore, to choose your words carefully. Be far-sighted enough to understand that one incorrect phrase could be used against you in the future. In fact, the statements you make now could also be taken out of context and held against you in case of future incidents.
Caution, agility, precision and effectiveness should be the cornerstones of your cybersecurity crisis communications plans. And this can only be achieved through planning and practice. In the next section, we look at how you can develop a robust Cyber Crisis Communications Strategy. We also show you how you can win stakeholder trust and secure your reputation during a cyber crisis.
How to Prepare for Effective Cyber Crisis Communications?
#1. Ironclad Cyber Incident Response Plan: There are simply no two ways about this. You have to continuously invest time, effort and resources towards ensuring your cybersecurity incident response plan covers all the bases.
Your security incident response team should know what to do and how to contain the damage as fast as possible. The Cyber Crisis Communications Plan is a part of this comprehensive process.
To ensure seamless information dissemination and a consistent narrative, the plan must include:
- Pre-defined messaging templates for possible cyber attack scenarios.
- Clarity on roles and responsibilities.
- Designated spokespersons
- Well-defined communication channels and protocols.
It’s imperative to invest resources into keeping your Cyber Crisis Communications plans up to date and relevant. Learn from the mistakes of others, study their lessons learned and make provisions in your plans to ensure you don't repeat their mistakes. Review and refresh your plans regularly and ensure the senior management is aware of them.
Our NCSC Assured training in Cyber Incident Planning and Response covers all these critical aspects of incident management and crisis communications.
#2. Practise Cybersecurity Communications & Decision-making - It's great to have an effective plan for crisis communications. But what good is it if those who have to communicate aren't really conversant with it?
Ensure that your senior leadership and management team regularly rehearse for a possible cyber crisis with Cyber Crisis Tabletop Exercises. C-suite cybersecurity readiness is of paramount importance. Ultimately, they’re the ones who will be reaching out to stakeholders and reassuring all parties involved. The final responsibility to customers, partners and the Board lies with them.
Simulated cybersecurity drills help them understand what is expected of them in a real-world attack situation. They’re also able to enhance their understanding of how to communicate in an actual cyber crisis. These drills allow them to build the skills and communications capabilities that will eventually save the company’s reputation.
Cyber Tabletop Exercises must also see participation from departments such as HR, legal and most importantly Public Relations. Let’s face it - today a cyber attack is as much a technical and business problem as it is a PR problem.
Every statement that the company issues while in the midst of a data breach or ransomware attack carries weight. It is scrutinised, dissected and ultimately decides how the public and media judge the organisation.
#3. Bring Experienced Cybersecurity Consultants on-board: Do you still feel uncertain of your computer security incident response capabilities? Are you still unsure if you’ll be able to communicate with confidence and clarity during a cyber attack? Well, in that case, it’s worth enlisting the help of cybersecurity experts.
Our cybersecurity practitioners have been deep in the trenches of cyber crisis through their years of global experience. They know exactly what can and might go wrong and how to handle it.
You might choose to opt for specific incident response services. Our Incident Response retainers step in to help you manage a cybersecurity incident seamlessly. They advise, not just on the technical next steps, but also on how to communicate and how to report the incident.
Choose our Virtual Cyber Consultant service for consistent improvement in your incident response capabilities. You get to access the expertise of practising cybersecurity experts in a flexible and cost-effective format.
They can help you conduct a communication risk assessment to evaluate your current readiness. They work with you to build crisis communication cyber attack plans that help you secure your reputation. They also help you achieve regulatory compliance and stay on the right side of authorities in case you’re breached.
Final Word
Crisis communications are critical to effective cyber incident response. Timely and accurate information dissemination helps maintain public trust, and mitigates potential reputational damage. During a cyber incident, transparent and coordinated communication with stakeholders, including customers, employees, and the media, is essential to manage the narrative and prevent misinformation.
While this does sound daunting and overwhelming at first, it doesn't have to be so. Establishing a clear crisis communication plan that includes predefined messaging templates, designated spokespersons, and a robust communication channel strategy are great starting points. Regular training and cyber attack simulation drills will take your crisis communication capabilities a step further.