#R32016: How to talk to the media when your business is hit by a cyber breach
14 July 2016
Your business has suffered a cyber breach. The media is asking questions. Stakeholders are demanding action. What do you do next?
According to David Carvalho, CISO at CryptoHeroes, to limit the damage caused and recover from the attack, it is important to stay calm, follow the company’s existing procedures and take care to ensure that the information you give to the press is accurate and realistic.
“After being breached, the most important thing is for a company to have a communication plan in terms of crisis management,” he told Business Reporter ahead of the R3 Summit 2016. “Who manages their PR and how can they manage their exposure on the internet? Having documentation and processes is probably the most important thing.”
While the aftermath of a cyber breach can be a stressful time for business leaders, Carvalho says it is important that they keep a level head. “I think the most common mistake would be to panic,” he explains. “People tend to make bad decisions when they’re under pressure.”
Panic can lead to rash actions that cause further damage to a business and its reputation – especially at a time when the media is focused on an organisation. Carvalho says going to the press with “sub-par information” can be detrimental to damage containment, as he says TalkTalk discovered after its data breach in October 2015.
Carvalho says it is inevitable that a company’s reputation will be damaged at least a little bit following a data breach, but that a thought-out response plan, including procedures to follow, and the consequent speedy response can be a big help.
“Companies have to defend their integrity,” he explains. “They have already been breached and there is a level of trust lost from that. When there is a data breach, there should be some kind of internal SWAT team that defends their reputation, takes care of digital privacy and has some kind of response in terms of defending itself against future attacks.”
And it is not just attacks on their own systems that firms need to keep an eye on. They must also watch out for incidents at other organisations in their industries. If a news organisation is breached, for example, other outlets reporting on similar topics could be at risk, too.
This highlights the need for information sharing and threat intelligence, Carvalho says, “just like militaries have information on what other countries’ capabilities are”. “Businesses are in an environment akin to an arms race,” he says.
But no matter what happens, Carvalho says it is “worse than anything” for a company not to appear to be on top of things following a breach. For this reason, thorough preparation and planning is essential. “And communication is really paramount,” he says.
See David Carvalho speak alongside other industry experts at the R3 Summit 2016, taking place in London this September.