USA – ILLINOIS Trends and Developments Contributed by: Jamie Singer and Meredith Griffanti, FTI Consulting, Inc.
one cyber crisis over the course of their entire career – cyber crisis communicators see one (or more) every day. Most importantly, because cyber-attacks are at an all-time high, organisa- tions are rarely criticised for just having experi- enced one but they are scrutinised for how they respond to it. Companies should consider the following points when weighing the decision to hire cybersecurity crisis communications specialists to supplement corporate communications and PR teams. Cybersecurity events are not your average crisis One of the hallmarks at the outset of a cyberse- curity crisis is the absence of confirmed facts. Facts can change quickly over the course of cybersecurity forensic investigations. Informa- tion security teams can expect to be bombarded with questions and demands for answers, such as what was the root cause of the incident, is the incident contained, when will systems be back up and services operational again, and whose and what data is involved? Stakeholders today have higher expectations of companies when it comes to communications about these incidents – they demand transparent, immediate and fre- quent communications from organisations. The challenge is cybersecurity incidents and inves- tigations are fluid situations and many, if not all, of these answers will not be available right away. As a result, some of the common principles of “crisis communications 101” do not necessar- ily apply to cybersecurity incident response. For example, whereas “radical transparency” is a common hallmark of crisis communications, in cybersecurity matters, the early bird does not necessarily catch the worm. Rushing to commu- nicate everything a company knows – or thinks it knows – in a cybersecurity matter can create more risk for an organisation if unconfirmed or
speculative information is communicated in the interest of urgency. This includes attempting to quickly communicate speculative information about the scope of the incident and the data that may or may not be affected. Cybersecurity crisis communications advisors can help inter- nal communications teams navigate the tricky balancing act between transparency and risk, and help companies avoid common pitfalls of communicating information they may have to retract later. There is an immediate need for communications Because of the operational disruption that often results in cybersecurity incidents, there is fre- quently an immediate communications impera- tive that the victim organisation must confront. Customers and staff are likely going to notice the disruption that encryption or disconnected services may cause – for example, an inability to ship products, provide services or pay employ- ees. It is important to work with communica- tions professionals who can quickly help victim companies establish “single source of truth” that enables the organisation to set the narra- tive around what happened and what worka- rounds are in place to facilitate business conti- nuity. Stakeholders such as customers, partners, employees, vendors and regulators need to hear confirmed information directly from the compa- ny – and the message needs to be consistent across those groups and most importantly, it needs to be accurate. Communications and legal teams must be in lockstep There is an age-old misconception that commu- nications and legal teams are often on oppo- site ends of the spectrum. But when it comes to cybersecurity incident response, commu- nications and legal teams must be in lockstep
174 CHAMBERS.COM
Powered by FlippingBook