Did you know, one of the biggest threats to your company’s security now takes place online? It’s called a cyberattack, which is any type of deliberate, socially, financially or politically motivated exploitation of computer systems, technology-dependent enterprises or networks.
Cyberattacks use code to alter computer code, logic or data, which can result in consequences that compromise data and lead to crimes such as identity theft.
A common example of a cyberattack is when a business’s customer data is accessed, stolen and used in fraudulent activities.
While you may never think a cyberattack will happen to you, this is an event you must prepare for.
How to create a cyberattack crisis communication plan
- The first step to creating a crisis communication plan for cyberattacks is to determine what information you have that others may want. If you don’t collect personal information or data, think about if there’s any entity that would benefit from a network infrastructure failure – for example, who would benefit if your internal servers went down and you could not access any information?
- Once you determine exactly what information could be stolen, your team can draft and gain approval of pre-written statements that address the various potential circumstances. These statements should include the following: what happened, how it happened, what information was leaked, what is being done to correct the situation and what risks your publics face, if any.
- Should an attack occur, you must monitor (or have your IT department monitor) the ongoing attack to be sure it doesn’t spiral out of control to compromise even more data or information. It is imperative to shut down the leak as quickly as possible.
- Know that you can’t predict the unpredictable. The digital landscape today is fragile and organizations need to be able to easily adapt to a potential crisis – especially one that takes place in cyberspace. There are a number of tools available to businesses to protect its assets, revenue, etc., and you should speak with your IT department to ensure these tools are in place and being fully utilized. This may help prevent crises before they can even begin.
- Test it out! There’s no reason you can’t facilitate a test cybersecurity breach to practice what you would do if something this grave should occur. This may also help you identify any potential holes or flaws to your current crisis communication plan for cyberattacks.
- Keep in mind there may be legal components at play. Due to the nature of a cyberattack, there are often a number of legal obligations and ramifications, and part of creating a cyberattack crisis communication plan is to identify a process and understand your company’s legal responsibilities in the event of a data breach. If you have an internal source who can help with this, great! If not, seek outside help. This is a step you do not want to skip.