Mike Shultz, Chief Executive Officer, Co-Founder, Cybernance
On Friday, May 12, ransomware cyber attackers indiscriminately attacked state agencies and enterprises all over the world. As the ransomware virus spread through company networks, putting valuable company and customer data at risk and stalling operations for many, organizations were going into crisis mode. It’s pertinent that a crisis communications plan include protocols for cyber attacks, as these are becoming increasingly common.
For companies who were impacted by Friday’s global cyber attack, the following are important steps for ensuring your key stakeholders remain confident and calm in your company’s ability to remediate the damages.
- Act quickly and accurately. In order to stay in control of your story, know what the facts are and stick to them. You need to quickly retain control of your processes and information and ensure that each line of business is aware of the crisis plan, and is sending all status updates and problems to the appropriate channels.
- Break the story before media does. Own up to the issue with as much accurate information as you have at the time. Understand the size and scope of the problem before making any definitive statements. If you report inaccurate numbers—such as number of customer accounts breached—you run the risk of having to backtrack on previous statements and admit the problem was worse than expected. Maintaining that you’ll share the accurate figures upon analysis of the scope of the incident in the face of tough questions from media will be more beneficial for you and all stakeholders in the end.
- Assign your crisis spokesperson.The spokesperson for a cyber attack crisis should be both technically knowledgeable and an authority figure in the business. Top leadership should take the responsibility to address the issues at hand. If your spokesperson is the CEO, ensure she or he is able to speak accurately and intelligently about the technical details. You wouldn’t want your spokesperson to lose credibility by accidentally misstating factual elements of the event. People need to know that top leadership is in control and command of the situation.
- Be fast and unwaveringly clear about the remediation steps.Your company must be accountable—leaders in every department included—to the company plan for remediation. Data loss is not only harmful and expensive, it’s becoming increasingly less acceptable by the public, and you must do everything possible to remediate the damanges of data loss and interruptions to business continuity. Ensure that you’re being uprfront and clear about what your company is doing, here, so your key stakeholders can rest assured their data is in good hands. Customers and people are number one priority.
- Communicate, communicate, communicate.Monitor the situation every step of the way. Communicate about what is going as planned. Communicate the good news AND the bad. Don’t attempt to conceal information, and don’t sugar coat a bad situation. People are not going to react well to anything but the truth.
- Summarize.When the crisis has been managed, be sure to hold a leadership debrief to review the crisis plan and how the company fared. This is the time to make amendments to the plan, and to reinforce what worked and what didn’t. If needed, share a high-level summary with your stakeholders so they can rest assured the company is in good hands.