BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

The New Frontier: How Smartphone Data Can Revolutionize Cancer Care
19 Ways To Communicate ‘Weaknesses’ In Job Interviews
Building Classrooms Using Recycled Plastic Blocks: Learnings From UNICEF
10 Reasons Why DEI Is Important For Businesses And How It’s Evolving
Value Over Vanity: How To Focus PR Efforts To Drive Business Impact
There Is A Difference Between Providing Oversight And Micromanaging
Edit Story
ForbesLeadership

Communicate With Confidence Through A Cyber Crisis

Forbes Communications Council
Kaylin Trychon
Former Forbes Councils Member
Forbes Communications Council
COUNCIL POST
Expertise from Forbes Councils members, operated under license. Opinions expressed are those of the author.
| Membership (fee-based)

Kaylin Trychon is Vice President and Cybersecurity Practice Lead at Rokk Solutions. She is also Director of Comms for Aerospace Village.

Data breach. Ransomware. Insider threat. Disinformation. Misinformation. Social media manipulation. 

For communications and marketing professionals, these are just a handful of the things that keep us up at night. It’s no longer if, but when your organization will fall victim to a digital assault. 

According to research from the University of Maryland, hackers probe a network every 39 seconds, on average 2,244 times a day. The digital world, which we are nearly dependent on, is full of nefarious actors that do not care about your organization, its mission statement or its reputation. 

Communications professionals need to be familiar with information security, its risks and how to respond to a crisis. And they also need to understand the tactics to prevent one. This involves helping executives make the proper cybersecurity decisions to protect the brand’s reputation and bottom line.

October marks National Cybersecurity Awareness Month. Each year, the National Cyber Security Alliance, in collaboration with the U.S. Department of Homeland Security, establishes a theme and resources to help bring cybersecurity awareness to the masses. The 2020 theme is “Do Your Part. #BeCyberSmart.”

MORE FOR YOU

New FBI Warning As Hackers Strike Email Senders Must Do This 1 Thing

Is Google Chrome Still Tracking You

Is Your Android Smartphone At Risk From A Dirty Stream Attack

In support of this theme, here are four ways communications teams can do their part to prepare for and navigate their organization through a cyber incident.

1. Develop A Playbook 

Most security teams have incident response plans and a playbook. This should be the first stop for a communications team. Figure out how your company’s security team plans to approach an incident and the channels they must utilize, and determine how a communications plan fits into that strategy.

The security team should also provide your team with strategic insight into your organization’s threat model and the types of incidents that are most likely to occur. This will help you tailor your response playbook and save you invaluable time during an actual incident response.

2. Stakeholder Buy-In 

Falling victim to a cyberattack, data breach or viral disinformation campaign requires a coordinated, timely response. Your typical holding statement won’t do. To respond effectively, you need the buy-in from multiple internal stakeholders: general counsel, the chief financial officer (CFO), the chief information security officer (CISO) and the CEO.

Schedule a meeting to review the playbook and receive buy-in from each stakeholder. This will also provide you with an opportunity to identify who your spokesperson is going to be in the event of an incident. Your spokesperson should be able to talk about the incident and the organization’s security posture, as well as be able to field any questions related to the business itself.

3. Understand The Media Landscape 

I find that most communications teams overlook this crucial piece of the incident response puzzle. The reporters who typically cover your industry or your company are not the reporters who will cover your breach. There is a cyber beat, and it is made up of reporters who know the industry and the threats inside and out. They are smart, and they have resources at their disposal.

Your run-of-the-mill holding statement will not stop these reporters from going out and uncovering what you have failed to tell them. Transparency is key. The best way to turn a data breach into a public relations (PR) nightmare is to lie or withhold information from the press. To avoid this, get to know these reporters, and build relationships with them.

4. Conduct A Tabletop Exercise 

Putting your plan into action is the only way to know if it will be effective. Tabletop exercises are common for security teams. The next time your organization plans one, you should advocate for a communications component. It will help you identify any weaknesses in your response.

This is also a great opportunity for the chosen spokesperson to practice giving interviews on this sensitive topic. The more comfortable you all are with the information and the dissemination of it, the smoother your real-time crisis response will be. 

Most of the time, communications teams aren’t afforded the opportunity to plan for specific crises in advance and are forced to be reactive. That’s not the case with cyber incidents. It’s only a matter of time before your organization is forced to respond to a data breach. Will you be ready?

Forbes Communications Council is an invitation-only community for executives in successful public relations, media strategy, creative and advertising agencies. Do I qualify?

Follow me on Twitter or LinkedInCheck out my website
Kaylin Trychon
Kaylin Trychon