If your business is the victim of a cyber-attack, your crisis communications will determine how customers and the public react. Avoid a PR disaster with these simple steps.

Guidance for Internal Comms

Priority one – make staff aware of the incident

If your firm is subject to a cyber-attack, the important first step is to make staff aware of the problem. Before you think about communicating with external stakeholders, let your people know what’s going on and what they can do to help fix the problem.

Make advice practical for employees

Make your advice practical. A cyber-attack may involve phishing emails, malware or ransomware. If such threats are present, staff need to be told to be on the lookout for suspicious emails, not to click on links in them and to report any unusual cyber activity right away.

Create one source of truth

It’s important that staff get their information from the comms department rather than from the media, who tend to sensationalise. An emergency is a tough time and it is part of the comms team’s job to build trust. Employees must feel confident there’s a plan in place and that the company is dealing with the emergency effectively. For this to happen, staff need good, dispassionate information from the comms team.

Have a backup communications platform

Don’t forget that a cyber-attack may force you to shut down your email server. This means having an emergency comms platform in place ahead of time is critical.

Guidance for External Comms

Quickly create an external response to establish the facts

When it comes to external comms, a speedy response is needed, as it is likely the attack is already on social media. It may be tricky to establish the facts and impacts of the attack, but IT must do this if comms teams are going to be able to work effectively and not be forever on the back foot.

Release a holding statement till you know the complete picture

If the story has broken, then release a holding statement setting out what you know, however limited that may be, together with your key messages.

Don’t speculate about what’s still unknown

Your key messages may include how customers can best protect themselves by changing passwords, and what you are doing to address the problem. Obviously, don’t speculate about what you don’t know.

If you can confirm that no confidential data has been seized, then do so, but only if you are absolutely sure. If data has been stolen, then journalists and others will be asking about the extent of the breach and whether the data was encrypted. You must have your answers ready.