Effective communication navigates companies through a cyberattack
Cybercrime and data theft are a worst-case scenario and can cause companies to stumble. An emergency plan helps everyone involved to keep their nerve and, above all, stay in control.
The financial and operational impact of a cyberattack can threaten an organization's very existence. On average, the cost of a data theft amounted to 4.3 million euros in 2023. This is a threatening sum for small and medium-sized enterprises (SMEs), which are often the focus of attacks. After all, according to statistics from Sophos X-Ops, 43% of all cyberattacks last year targeted organizations of this size. Reputation and trust, two crucial success factors in highly competitive markets, also suffer. Clear, rapid communication is the key to maintaining control of the situation and mitigating the consequences.
Crisis management in the event of a cyberattack means thinking through the possible scenarios before an incident occurs and drawing up clear guidelines for the actual attack. Sophos has compiled the most important points and described them in detail in its guide to creating an incident response plan.
Prevention
Aspects that need to be considered before a cyber incident:
- Does the company have an emergency plan and does it include crisis communication in the event of data theft? Experts in IT, law and communication can help with this.
- Appointing a spokesperson ensures consistent messages to business partners and the public.
- The emergency plan should be ready to hand and accessible from anywhere, even if the systems are compromised.
Reaction
Steps that need to be actively initiated after a cyber incident: Responses to a cyberattack vary according to escalation level and messaging. The emergency plan must therefore be individually adapted to the company. However, the following steps are almost always essential and the organization must prioritize them:
- Informing law enforcement: usually by the selected spokesperson of the company.
- Consulting with experts: In Germany, the federal and respective state authorities regulate data protection. The contact persons should also be noted in the emergency plan.
- Issuing statements: Timeliness is crucial to manage public perception and control the narrative. Ideally, a template is already in place that can be completed quickly during an acute incident, with a clear statement on the following questions: how did the theft occur, what data is affected, and what measures are being taken to remedy it, including for the future.
- Communication with stakeholders: Whether vendors, customers or investors, companies should quickly inform their most important partners about the cyberattack and, if necessary, the data theft. Ideally, this communication should already be included in the emergency plan. The communication channel should also be considered - if email communication is not possible, other secure channels must be used and these must be implemented and tested in advance.
- Communication with affected persons: Transparent, empathetic, timely - this is how organizations should ideally deal with people whose data has been stolen. A template is also useful here.
Fast and effective crisis response
"Setting up a cyber incident communication plan is crucial for any organization to prepare for a cyberattack," said Michael Veit, cybersecurity expert at Sophos. "This gives companies a clear navigation guide and control even in rough seas. In addition, simulations of crisis scenarios help to identify potential pitfalls and continuously adapt the plan to new threats."
Source: www.sophos.com