How to Communicate During a Cyberattack

In today’s world, the inevitability of cyberattacks means businesses must be prepared not only to handle the technical aspects of a breach but also to manage the communication surrounding the incident. A well-structured communications strategy offers numerous benefits, helping to mitigate damage, maintain trust, and ensure compliance.

Just a few days ago, a massive disruption in global operations grounded flights, obstructed public transit systems and shut down banks, hospitals, stock exchanges, and even 911 centers due to a technological glitch. This alarming incident caused people to frantically withdraw funds from banks across the country out of fear of a cyberattack. According to USA Today, the U.S. cybersecurity software company CrowdStrike issued a defective update that crashed Microsoft Windows systems around the globe and stated the incident was “not a security incident or cyberattack.” Yet the global upset gave a warning for what a cyberattack could do. Data breaches are an unfortunate reality for businesses of all sizes in today’s digital age and, while robust measures are essential, an equally crucial aspect is the communications strategy employed when such an incident occurs. Effective communication during a cyberattack is essential to mitigating damage and maintaining trust. By preparing in advance, responding promptly, maintaining transparency, and complying with regulatory requirements, you can navigate the crisis more effectively and emerge with your reputation intact.

Cyberattacks are the leading cause of crisis events, accounting for 28% of incidents that triggered the activation of crisis communications plans, according to a 2023 business survey. But many businesses overlook crisis communications as a key part of their cybersecurity response preparedness, focusing primarily on technical aspects instead. A well-prepared communications strategy shows your company is proactive, rather than reactive. By being proactive in your communication, you control the narrative and prevent misinformation and rumors from spreading. Acknowledging the breach and taking responsibility demonstrate accountability, which is crucial to maintaining stakeholder confidence. This shows you are taking the matter seriously and are committed to resolving it. This can significantly reduce speculation and fear, which often exacerbate the perceived impact of the breach. Transparent and timely communication preserves and even enhances trust. When stakeholders are promptly informed about a breach and the steps being taken to address it, they are more likely to continue their relationship with your business.

Managing communications well during a cyberattack begins with a predefined strategy that streamlines internal communication, ensuring all team members are on the same page and can respond swiftly and effectively. This involves coordination among various teams, including IT, legal, and PR. This coordinated effort ensures a more efficient and comprehensive response to the breach. Key ingredients for an effective communications plan to mitigate this type of crisis include issuing an immediate response, implementing transparent and timely communication, and providing continuous updates.

• Assess the situation. Before communicating, gather all relevant information about the breach. Understand what happened, the extent of the breach, and the potential impact. This assessment helps in crafting an accurate and honest message.
  
• Initial notification. Once you have a clear understanding of the situation, notify affected stakeholders promptly. Delay in communication can lead to mistrust and speculation. The initial notification should include an acknowledgment of the breach, a summary of what is known, steps being taken to investigate and mitigate the breach, and a commitment to provide further updates as more information becomes available.
  
• Inform key stakeholders. Establish dedicated communications channels, such as a hotline or a special section on your website, for stakeholders to get the latest information and ask questions. Report the breach to authorities within the required timeframe. Provide detailed information about the breach and the steps being taken to address it.

• Regular updates. Provide regular updates as more information becomes available, including the progress of the investigation, measures taken to contain and rectify the breach, and guidance on steps affected stakeholders should take to protect themselves.
  
• Final report. Once the breach is contained and the investigation is complete, issue a final report. This report should cover the cause of the breach, the extent of the data compromised, measures taken to prevent future breaches, and any steps affected individuals should take. Launch initiatives to rebuild trust with stakeholders, including offering free credit monitoring services to affected individuals, enhancing security measures, and openly discussing improvements made to prevent future incidents.

A well-executed communications strategy during a cyberattack offers numerous benefits, from minimizing reputation damage and ensuring regulatory compliance to enhancing stakeholder confidence and reducing financial impact. By prioritizing transparent, timely, and effective communication, businesses can navigate the complexities of a cyberattack more effectively, ultimately emerging stronger and more resilient.