Published in Law.com and Mid-Market Report
By Ioana Good
Data breaches and cyber-attacks are front-page news at an alarming rate. Additionally, other types of crises spin out of nowhere, most often relating to financial, personnel, organizational, and natural disasters. For many companies, it’s not a matter of if you experience one of these crises, but rather, when. Statistics indicate that the number of organizations that have experienced a crisis is one out of every two U.S. companies.
Focusing resources on preventing crises such as breaches is critical but having a communication and response plan in place is equally important. After all, a poorly executed response can have long-term impacts on your reputation. Customers are more focused on data protection and privacy than ever before. Research shows, they stop buying from companies who have a cyber breach for at least the short-term, if not forever.
There’s also the cost of rebuilding a reputation after a poorly handled incident response. This can far outweigh the cost of having a solid crisis communication plan in place that has been mock tested and is ready to execute if the need arises. And this response should happen across all aspects of the business, internal and external, to be successful. “Rapid response to an event will help dispel rumors, provide critical information to employees, suppliers, and customers while restoring confidence in the organization,” says Camron Wilde, who oversees branding and advertising efforts at Ball Janik, LLP.
A successful response to a crisis can be accomplished using these five strategies:
- Train and educate all employees.
Building a culture of awareness is critical to both preventing and reacting to a cyber-attack. All employees now play a part in protecting an organization and its data. Still, it is imperative to conduct regular training to make everyone aware of their role in protecting and responding to an attack. “Training employees about threats they face and how to protect themselves and the organization is imperative,” notes David Touchton, Founder of FSO Services, who provides security consulting to companies that work with the Department of Defense. “The nature of the threat landscape is constantly changing, and every company must commit to a culture of education to prevent or respond to an attack.”
- Develop a crisis response plan that can be tailored quickly to different types of incidents.
The way you communicate about an incident will depend mainly on the kind of incident you have experienced. Communication around discovering an insider threat…
To read the article in full, click here. (Subscriber-based).