How Not to Handle a Cyberattack: The Worst Crisis Communications Failures
By Meghan Tisinger for SC Media
A cyberattack now happens every 11 seconds and chances are, your organization is next. In 2024 alone, more than 3,200 data breaches were publicly reported in the U.S., compromising the information of over 353 million people. These numbers aren’t just staggering, they’re a warning: cybersecurity incidents are no longer rare, and silence is no longer an option.
How an organization communicates about a cybersecurity incident can be just as consequential as the incident itself. Mishandling the messaging can erode trust faster than any threat actor could. And yet, time and again, companies continue to fumble the basics of breach response, turning a bad situation into a reputational crisis.
As a cyber crisis communications specialist, I’ve seen far too many companies fumble the communications side of a cyberattack by turning a manageable event into a full-blown crisis. Here are the most common (and damaging) missteps organizations make in their cyber response, drawn from some of the most high-profile and mishandled incidents in recent years.
For more, click here.