How Communicators Can Navigate Through Cybersecurity Crises
By Sean Devlin for Ragan
In today’s world, communicators must be prepared for all sorts of crises, whether they’re directly related to company operations or part of our larger society.
With the news of the ICBC cybersecurity attack that disrupted treasury trading last week, it’s a prime time for communicators to consider the plans they have in place to prepare for cybersecurity issues.
To gain a clearer perspective, we spoke with several seasoned communications professionals about how to prepare the right type of communication ahead of an attack, what to do after one, and the advice they’d give communicators who are navigating through cybersecurity crises.
Adjusting the general crisis plan
Comms leads should have a crisis communication plan in place that they’ve either drafted, modified or otherwise adjusted to the current risk landscape. That’s pretty 101. But in the modern world, that crisis plan needs to account for crises that can arise from all directions, especially from cybersecurity concerns. According to a study released earlier this year by NordVPN, general awareness of cyberattacks is on the decline and only 3% of Americans are knowledgeable about digital privacy protection, and that’s something that comms pros need to contend with.
If you’re not already incorporating cybersecurity crisis comms into your general crisis plan, the time to start is now.
“Any good plan is comprehensive and well drilled,” said Catherine Hernandez Blades, senior vice president of marketing and communications at SAIC. “Preparation for cyber-attacks should be just as robust as how you prepare for what to do in the event of a physical workforce violence event, a natural disaster, or any other crisis.”
Whether the crisis is in the physical or virtual world, you need to be prepared. That’s why things like tabletop exercises are so important. These exercises should plan for many contingencies, as you can never be quite sure of what form an attack might take.
Hernandez-Blades said that everything should be considered, including the little things.
“For example, what if you’re the victim of a ransomware attack by a bad state actor? Does your usual war room team include access to translation services in case the ransom note is written in a foreign language? Plan for every contingency down to the smallest detail while never losing sight of the bigger picture.”
For more, click here.