Why companies need to be prepared for cyber-security crises now more than ever

The rapid migration to digital technologies driven by the pandemic has accelerated the rate of cyber-attacks exponentially. As the risk of falling victim to these breaches grows, it is crucial for companies to have strong plans in place to communicate with key stakeholders in the event of an attack. With most businesses forced to increase their reliance upon digital services due to COVID19, criminals have not waited to exploit the influx of data available on the internet. According to a Varonis  report, global cyber-crimes increased by 400% during the early months of the pandemic, with over 500,000 Zoom accounts available for purchase on the dark web in April 2020. As companies continue to accelerate their digital transformation, with spending on these services estimated to exceed $2.3trillion USD in the next two years, we can expect more breaches and attacks to follow. As this growth continues, it is crucial for companies to be prepared and ensure they have comprehensive cyber-attack procedures in place.

The importance of communications for cyber-attack responses

As companies are hit with data breaches, many fail to respond to speculation and commentary surrounding them quickly enough. As history has shown, this can be detrimental to business reputations, impacting client and customer acquisition and relationships with key stakeholders. Organisations experience a range of negative outcomes during and after a cyber breach which can be exacerbated by poor or lack of stakeholder communications. These implications can include:

  • Erosion of trust
  • Potential loss of intellectual property
  • Reputation damage
  • A loss of customers / clients
  • Significant inconvenience or harm to stakeholders
  • Lower market value
  • Increase in stakeholder complaints
  • Increased scrutiny (regulators, government)
  • Potential litigation and compensation payments

Preparing for these incidents through strong crisis communication strategies can help manage these issues and risks. Based on our extensive history in developing crisis communication frameworks for clients across a range of industries, we have outlined three principles for the improvement of cyber-attack messaging:

Three principles to help optimise your cyber-attack messaging

1. Use subject matter experts

The nature of cyber-attacks is highly dynamic and increasingly complex.

When disclosing a cyber-attack incident, it is important for companies to state what happened, how it affects key stakeholders such as customers and partners, as well as the steps they are taking to combat it. The involvement of subject matter experts is highly encouraged to ensure response messaging for these procedures stays accurate and specific.

2. Stay ahead of the terminology and knowledge divide

As a minimum, every person involved in the response to a cybersecurity incident requires a basic understanding of IT security. Companies should work towards building a cyber-aware corporate culture. Not only will this increase the efficiency of incident response, but it will also contribute towards its prevention. In order to do so, companies are encouraged to regularly educate and test employees, establish cyber-security as a holistic responsibility and implement breach response plans.

3. Keep abreast of cyber security trends

Cyber-attack methods are perpetually evolving in response to regularly updated security systems and procedures. Because of this, the preferred forms of data breach are constantly changing, making them highly unpredictable. To ensure companies are prepared, leaders must be educated on the various forms of attack, and they must regularly stay on top of those most currently prevalent. In cooperation with our global partnership, Worldcom Group, we provide regular insights relevant to the most prevalent global trends and developments- including cyber-related issues. Click here to learn more.

 

Keep reading
How AI will transform communications