Incident messaging for cyber attack response
- Published: Tuesday, 16 January 2018 09:27
Cyber breaches don’t just impact internal systems; they can quickly escalate into major reputational crises. So how can your business prepare to respond when under attack? Chris Butler provides some pointers...
To quote Warren Buffett, it takes 20 years to build a reputation and five minutes to ruin it. Years later, in our ‘always on’ world, I would wager it can take less than five minutes to incur damage to your image. We are unable to open the newspapers or turn on the television without bearing witness to the latest victim of a cyber attack.
The threat is certainly growing: a recent report revealed that cyber attacks rose by a quarter in Q2 2017. In a world overwhelmed by social media, news of such a disaster can go international in the time it takes to say ‘cyber breach.’ And the potential fall-out of a crisis? Damage to your business’s reputation, negative effects on share price and a detrimental impact on staff morale.
If a data breach takes place, organizations must be in the position to communicate information instantaneously and precisely to all parties affected – customers, partners, vendors and staff. However, crises are unique and unpredictable, and can go beyond what you’ve planned for. How can organizations be best placed to respond accordingly?
There are two types of communication that are needed to support a crisis management programme. Both require sufficient preparation to ensure a swift and appropriate response in times of crisis, and that those impacted are kept in the loop by business leaders – not a random social media post.
These should be the cornerstone of any good crisis management programme and are crucial to avoid wasting time deliberating on what to say as the crisis unfolds. But how do you go about developing them? Organizations need to dedicate time to identifying potential scenarios, developing the appropriate messaging templates and selecting appropriate communications channels for each situation. It is recommended to carry out a comprehensive stakeholder analysis to identify the parties who will need to be informed as a priority, and what they need to know. Constructing and clearing provisional statements in advance will place your business in a much stronger position to respond quickly and accurately.
Tailored responses are unique to a particular crisis. While it is not possible to prepare for every single crisis outcome, this does not justify neglecting foresight, groundwork or planning. As the saying goes, an ounce of preparation is worth a pound of cure. Carrying out simulation exercises to educate and train crisis teams, familiarise them with possible outcomes, and uncover opportunities and gaps in their programme(s) will help them develop a readiness mentality. This then places them in a much stronger position to manage threats to their organization.
It’s crucial to enlist a crisis communications team, led from the board, embedded at the heart of your business and possessing a sound understanding of the risks and threats posed to the organization. However, in a crisis the onus is not just on the defined crisis communications team. Senior management will need to be media trained to respond to untoward situations, to reduce damage to the business brand, to keep staff feeling focused and motivated and to engender confidence amongst stakeholders. They will be a vital conduit to creating market goodwill while the business establishes the nature and scope of the threat, re-instates or bolsters systems or operational integrity, and redresses any customer impacts.
Weathering a crisis will depend entirely on your organization’s ability to arm itself and remain level-headed when the time comes. Businesses that deliver well-considered communications in the event of a cyber attack will be the ones to demonstrate foresight and agility, re-positioning themselves as a stronger and more resilient force.
Chris Butler is principal consultant, Cyber Resilience and Security, Sungard Availability Services.