Scroll Top

#Cyberattacks – Communications Strategies for Recovery

Ransomware, Data breaches and theft, and other forms of cybercrime continue to increase in frequency and severity. While organizations may make a best effort to avoid being the victim of such attacks, if it happens to you, the manner in which you communicate it to your stakeholders can greatly impact how well you survive and recover from the crisis.

To help guide you along the road from initial attack to recovery, here are some guidelines on how to respond:

  1. Coordinate Your Efforts

Like dominoes, the minute you start releasing information to your stakeholders about the attack, you’ll need to ensure you’re ready to release all of your messaging in sequence. If you don’t already have one, you’ll need to create a stakeholder map and determine the best strategy for ensuring your primary group is the first one to receive the notice. The worst mistake you can make is to assume you can keep the information hidden from the public eye, have all of your messaging clear, and ready in advance.

  1. Know the Facts

This leads to the second thing you must remember when responding to a cyberattack event. Make sure you know the facts before you say anything. The last thing you want to do is report inaccurate information or data and have to retract or reissue a different statement. Additionally, you need to ensure each business line knows what the response plan is, and how to respond to inquiries, etc.

  1. Own the Story

The importance of retaining control of the story can mean the difference between success or failure in the response and recovery of the attack. You need to be the first to “break the story,” and you need to monitor the situation closely to ensure you’re one step ahead. It’s important to communicate throughout the entire process; what’s going according to plan, what’s not going so well, etc. Keep information confidential if it is proprietary or infringes on privacy laws, but otherwise, you must be honest and transparent – nobody will respond well to a watered-down version of the truth.

  1. Know your Media Phases & Prepare Your Spokesperson

There are three main media phases during crisis coverage: issue discovery, identification of who’s responsible, and then analysis. You’ll want to be prepared to respond to all three. A key factor in being an organization that makes it through a crisis like this relatively unscathed is one who has chosen the right spokesperson, typically should be the CEO or top leadership of the organization and has demonstrated their knowledge and awareness of the severity of the situation.

  1. Take Responsibility for Moving Forward

People will expect the organization to be accountable and to have a plan for remediation. These types of attacks are increasingly less acceptable by the public, and you must demonstrate how you plan to do everything possible to fix the damages and to return to stable operations. You should be clear and honest about what you’re doing and report against the plan as action is taken. When the event is over, you’ll want to conduct a thorough debrief to review how well the crisis plan was executed and to make any appropriate amendments. Depending on what type of organization you are, you may want to share a report with stakeholders to boost and maintain trust.


About the Author: Katie Robertson is an expert in crisis communications, strategic planning, and media relations. Her 15+ years in public and government relations were built on her post-secondary education at Humber College and Athabasca University. She specializes in providing emergency and crisis communications management services for government, not-for-profit organizations, and educational institutions.

Hosted on Panda Cloud