The importance of communications during a cyber incident
In today's cyber threat environment, being prepared for an incident is an absolute must. After all, as even the most tenured cybersecurity experts will tell you, it's no longer about if an organization will experience a breach, but when.
Consider the following statistics, gathered by CSO contributor Steve Morgan:
- More than $1 billion will be spent on cybersecurity solutions through 2021.
- The financial impacts of cybercrime will reach $6 trillion per year by 2021.
- The damages of global ransomware attacks increased 15-fold since 2015, surpassing $5 billion in 2017.
This type of landscape means that organizations must have plans in place to support their business, their employees and their customers during and after a cyber incident. One of the most important cornerstones of these preparedness plans is communication, including that which involves internal and external stakeholders.
The role of communication in incident preparedness
As Continuity Central contributor Evan Bloom noted, one of the biggest missteps a company can make during a data breach is not having a preplanned communications strategy in place. Disaster recovery and business continuity planning should include a robust communications procedure that outlines the key stakeholders in charge of crisis communications, the team spokesperson and the top decision-maker.
From an internal perspective, such a communications strategy enables essential personnel to glean details about what has taken place as part of the incident, how severe the damage is up to that point, and what steps should be taken to address and resolve the event. In this way, the crisis communications plan should include stakeholders from each company department, including especially the IT and executive teams.
In addition, the communications strategy outlines important partners and service providers that should be notified of the incident, as well as the best ways to inform investors and customers. Businesses must ensure that their vendors, suppliers and clients are made aware of the incident, making external communication as critically important as internal conveyance in the event that a security incident takes place.
Consequences of poor communication
Without a well-defined and thought-out approach to crisis communications, a business can feel numerous negative effects, in addition to those that stem directly from the breach:
- Panic and confusion among internal stakeholders as they attempt to unify efforts to identify and address the cause of the breach to contain the potential damage.
- Compromise or loss of key data including customer information, human resources data, company details and other assets stored within the infected systems.
- Uneasiness or mistrust among customers who may be unable to access client-facing resources like the unified communications system, the website or other on-premise platforms that could be affected by malicious network activity.
- Impact to brand reputation, including issues related to late breach notification or unsuccessful recovery.
Creating and supporting a communications plan
In this way, it's crucial for decision-makers to take the time to establish a crisis communications plan before an incident impacts their brand and its customers. During this process, there are a few best practices to observe, including:
- Identify the crisis communications team, included stakeholders, decision-maker and spokesperson ahead of time.
- Outline the responsibilities attached to each role, such as the person that will serve as the face for the communications process, and how customer notification will be handled.
- Train crisis communications stakeholders and spokespeople on their roles and responsibilities.
- Plan out messaging ahead of time, including the details that will be provided for external stakeholders and the types of language that will be used within the customer notification. As Jonathan Bernstein of Bernstein Crisis Management noted, this can include audience-specific messaging depending on individual groups and media channels.
- Test the plan ahead of time, and identify and address any issues or shortcomings in the strategy before its actual real-life use.
Ensure redundant communications
A key preparation to make to support disaster preparedness is to ensure that even if internal systems and solutions are impacted by a cyber incident, key stakeholders and decision-makers are still able to communicate with one another. This is particularly critical if the business has several, geographically separated office locations – managers across these sites must be able to unify their efforts to reach a quick and successful resolution.
On-premises unified communications could pose an issue in incident scenarios if they are not properly supported by redundancy. An inability to carry out important voice/video conferences, real-time messaging, email and other communications could prevent the crisis communication procedures from being followed effectively.
In this way, it's important that decision-makers consider working with an expert unified communications solution partner with options for cloud-based UC. This style of delivery means that UC systems are hosted off-premise and supported by an expert vendor, ensuring that critical solutions like email, high definition voice and video conferencing are accessible and working effectively, even in the face of a security incident.