How communicators can navigate through cybersecurity crises

The ICBC cyberattack calls for revisiting some fundamental lessons.

Navigating a cybersecurity incident

In today’s world, communicators must be prepared for all sorts of crises, whether they’re directly related to company operations or part of our larger society.

With the news of the ICBC cybersecurity attack that disrupted treasury trading last week, it’s a prime time for communicators to consider the plans they have in place to prepare for cybersecurity issues.

To gain a clearer perspective, we spoke with several seasoned communications professionals about how to prepare the right type of communication ahead of an attack, what to do after one, and the advice they’d give communicators who are navigating through cybersecurity crises.

Adjusting the general crisis plan

Comms leads should have a crisis communication plan in place that they’ve either drafted, modified or otherwise adjusted to the current risk landscape. That’s pretty 101. But in the modern world, that crisis plan needs to account for crises that can arise from all directions, especially from cybersecurity concerns. According to a study released earlier this year by NordVPN, general awareness of cyberattacks is on the decline and only 3% of Americans are knowledgeable about digital privacy protection, and that’s something that comms pros need to contend with.

If you’re not already incorporating cybersecurity crisis comms into your general crisis plan, the time to start is now.

“Any good plan is comprehensive and well drilled,” said Catherine Hernandez Blades, senior vice president of marketing and communications at SAIC. “Preparation for cyber-attacks should be just as robust as how you prepare for what to do in the event of a physical workforce violence event, a natural disaster, or any other crisis.”

Whether the crisis is in the physical or virtual world, you need to be prepared. That’s why things like tabletop exercises are so important. These exercises should plan for many contingencies, as you can never be quite sure of what form an attack might take.

Hernandez-Blades said that everything should be considered, including the little things.

“For example, what if you’re the victim of a ransomware attack by a bad state actor? Does your usual war room team include access to translation services in case the ransom note is written in a foreign language? Plan for every contingency down to the smallest detail while never losing sight of the bigger picture.”

Leadership and partner buy-in

If proper crisis planning is the first step towards preparation for a potential cybersecurity attack, getting leadership on board with the plan comes next.

You can plan by partnering with the right leaders from the outset.

“Engage leadership and create a plan – it’s not a matter of ’if’ but ’when’ in today’s digital economy,” said Kevin Dinino, founder and president of KCD PR. “Communicators need to pair themselves closely with CISO/CSOs to be aligned on how to address technical concerns and the communications process to follow.”

An often-underestimated part of the crisis plan involves going outside the walls of the organization. Be aware of anyone with access to the organization’s IT systems and ensure that the message gets to them as well.

“It’s imperative that all third-party vendors and anyone with access to company systems and networks undergo an extensive review of systems and protocols to test and identify any vulnerabilities,” Dinino continued.

“Not enough companies go through this testing and recent cyberattacks illustrate how third-party vendors often are overlooked but have access to company data and networks.”

Keeping things moving in the wake of an attack 

Preparation is key, but sometimes cyberattacks happen. It’s critical that communicators know what to do to keep comms on message if an attack does occur.

This means amplifying the responsibilities of both internal and external communicators to right the ship and maintain order.

“Internal communications team plays a critical role in instilling confidence in employees that the company is well prepared and able to mitigate the impact of a breach,” said Katarina Matic, global senior director at Montieth & Company.

Internal comms doesn’t stop at relaying the news to employees, either  — it also goes a long way toward setting the mixternal strategy on the right path.

“(Internal comms) plays a pivotal role in informing the external communications strategy and shaping the communication with and the perception of external stakeholders, clients, partners, government, and investors,” Matic added.

Though it might take a little while to get things back on track, communicators can keep stakeholders calm in the interim.

“The reality is that it won’t be business as usual for a period of time,” Dinino said.

“Our job as communicators is to address this with key audiences to focus on how the breach was addressed and what functions need to be serviced to ensure stakeholder retention and that reputational damages are minimized.”

Maintaining a voice at the table

Communicators often pine for a steady seat at the executive decision-making table. Cyberattacks offer an important inflection point for attaining and maintaining that seat,  as you can demonstrate the reputational value of the function by providing a holistic perspective on the path forward after an attack.

“We in communications are in the unique position of having access to a tremendous amount of external and internal information, which we need to do our jobs,” Hernandez-Blades said.

“We peek around corners for visibility into emerging issues. We are the function that exists to truly collaborate across the matrix for the purpose of synthesizing and disseminating information.”

Even with this important role, not all organizations prioritize crisis comms. It’s your job to work toward changing that by providing tangible scenarios to leadership.

“Communicators, both internal and external, need to present concerns in the context of potential repercussions and the real impact those repercussions can have,” Matic said.

Sean Devlin is an editor at Ragan Communications. In his spare time he enjoys Philly sports, a good pint and ’90s trivia night.

COMMENT

PR Daily News Feed

Sign up to receive the latest articles from PR Daily directly in your inbox.