If your firm is subject to a cyber-attack, the important first step is to make staff aware of the problem. Before you think about communicating with external stakeholders, let your people know what’s going on and what they can do to help fix the problem.
Make your advice practical. A cyber-attack may involve phishing emails, malware or ransomware. If such threats are present, staff need to be told to be on the lookout for suspicious emails, not to click on the links and to report any unusual cyber activity right away.
It's important that staff get their information from the comms department rather than the media, which tend to sensationalise. An emergency is a tough time and it is part of the comms team's job to build trust. Employees must feel confident there's a plan in place and the company is dealing with the emergency in an effective manner. Staff need good, dispassionate information from the comms team to allow this to happen.
Don’t forget a cyber-attack may force you to shut down your email server. This means having an emergency comms platform in place ahead of time is critical.
When it comes to external comms, a speedy response is needed, as it is likely the attack is already on social media. It may be tricky to establish the facts and impacts of the attack, but IT must do this if comms teams are going to be able to work effectively and not be forever on the back foot.
If the story has broken, then release a holding statement setting out what you know, however limited that may be, together with your key messages.
These messages may cover how customers can best protect themselves by changing passwords and what you are doing to address the problem. Obviously, don't speculate about what you don't know.
If you can confirm that no confidential data has been seized, then do so, but only if you are absolutely sure. If data has been stolen, then journalists and others will be asking about the extent of the breach and whether the data was encrypted. You must have your answers ready.