By Thom Fladung/Hennes Communications
When working with companies and organizations on crisis communication plans, we ask a simple question to the leadership team: What keeps you up at night?
The #1 answer for businesses across the world is becoming clear: cybersecurity.
Infosecurity Magazine, citing the 11th Annual Survey of Emerging Risks involving 200 risk managers primarily based in North America, recently reported that cybersecurity has remained the top threat for three straight years.
“Cyber continues to be a top current and emerging concern for 53% of respondents, followed by terrorism and technology,” Infosecurity said, adding that “a growing consensus among risk managers (is) that with a cyberattack comes the risk of business interruption and damage to brand or reputation along with the potential of a data breach.”
And if surveys like this one aren’t enough, follow the money.
Forbes magazine reported at midyear of 2018 that “In the United States, outlays for cybersecurity have jumped from $40 billion in 2013 to $66 billion in 2018, if, that is, the pace of spending in the first half holds up for the entire year.”
So, you’re out there running a business and, like many businesses, you haven’t done much to prepare for cybersecurity threats. What should you do?
You can start by attending some educational events. The good news: The prominence of cybersecurity threats means that many organizations are stepping in to help.
For example, MAGNET, the Manufacturing Advocacy and Growth Network, is staging a Cyber Risk Executive Roundtable, Workshop & Panel aimed at manufacturers from 7:30 a.m. to 11:30 a.m. at Firestone Country Club in Akron, Ohio. It’s free and you can learn more by going to MAGNET’s website or clicking on this link.
From a crisis communications standpoint, cybersecurity scenarios and messaging should be part of any crisis communications plan.
The plan will include details such as which of your key stakeholders – employees, customers, vendors, business partners – should be contacted after you become aware of a data breach or other cybersecurity event. The plan should describe who on your team is leading those communications and when they go out.
Crucially, a well-done crisis communications plan also will include the actual messaging – already approved by your leadership team, including legal – that can be used to initially respond.
Getting out first and telling your story to the people who matter most to you is a critical step in protecting your reputation.
Kevin Mandia, CEO of security firm FireEye, recently said in PRSA’s Strategies & Tactics, “If you’re breached and you know it, somebody else knows it and it’s a footrace.”
Having a crisis communications plan means you’re in that race by knowing who says what to whom, when and how if a crisis hits. With cybersecurity issues, increasingly, that seems to be when the crisis hits.
Thom Fladung is managing partner at Hennes Communications. For more on our experience with cybersecurity issues and crisis communication plans, contact us at 216-321-7774 or visit our website.