Top tips on how businesses should protect their brand and reputation after a cyber-attack.
Global cyber-attacks during the Covid 19 pandemic have risen by 600% according to research published by the business insurance company Embroker. The increased digitisation as a result of adaptations due to the pandemic has increased the global playing field for cyber-crime.
The news has been filled with examples of hackers from China, Russia and Korea trying to gain access to both political and commercial information; mounting prolific nation-state attacks on firms, universities, government departments, think tanks and NGOs. The whole landscape is a prime target for cyber-crime, however, it is also fertile for cyber legislation and collaboration which will drive vigilance and protect all sectors.
All businesses, whatever size, should consider the prospect of some sort of cyber-attack as it is more likely to be when not if. Hackers and thieves don’t need to scale and seal off buildings, similar to the scenes in Bruce Willis’ Die Hard, where he is diving around buildings special forces style, fighting to stop a cyber-terrorist attack. The threat is invisible and very real.
In our world of big data, IT, IoT ecosystems and apps, there is a variety of different types of cyber threat actors (CTA) trying to get your clients, partners and employees’ personally identifiable information (PII). The hackers won’t be coming through the revolving office doors, it is the virtual, digital gateways, via email phishing campaigns, via cloud hacks or via sophisticated supply chain/ecosystem inceptions and well-crafted, coordinated national attacks where they will gain access to systems IE. The Sun Burst breach in the US, also wrongly dubbed or tagged as ‘the SolarWinds breech’. This is a very good example of a brand that had to leap into crisis communications to protect its brand and reputation.
However, here are some tips from OggaDoon about some key steps to take to protect their brand and reputation after a cyber-attack.
Have a sense of urgency, but don’t panic!
There has been an attack; don’t panic, think about the key crisis communication steps. As Sudhakar Ramakrishna, CEO of SolarWinds stated from his experience of leading an organisation through a crisis, “It is one of those hair on fire situations where you don’t act like that, you don’t run down helter-skelter, you just kind of go step by step.”
Prioritise Your Stakeholders
As news of your breach details hit the news platforms, expected or a surprise, your instant PR tactical reaction might be to drown out the bad press by trying to reset the misplaced perceptions, highlighting you’re the victim, trying to shift those negative brand mentions and coverage. However, customers, partners, employees and your supply chain are the priority. Your resources must be geared to your customers.
Transparent Communications
Transparency is the foundation of trust, as it creates empathy from employees, clients and partners. Ensure that you have a good understanding of the situation and share the facts as you know them — who, what, why, when and where. Create a continuous two-way conversation as you learn the details and the plan to resolve the situation. You can deal with the early breech press later in your wrap-up.
Responsibility, Communication & Opportunity
As any business can be the victim of a cyber-attack, you will need to develop a PR strategy before your vulnerabilities become your downfall. There are three key actions in crisis management. Firstly, accept your responsibility and work to address the problem. Secondly, communicate with urgency and effectively with stakeholders, establishing a two-way dialogue. Finally, share what you learned during the different stages of the breach scenario. You can not only become a better individual and organisation but also share this with the cyber community, creating a collaborative community vigil to combat the threat actors. This is where you revisit the negative press at the start of the process.
Yes, your share price may well take a dip immediately after the breach, but by keeping a cool head to understand the situation, including how to address the problem and communicate about it, then you will strengthen both your reputation and your brand. To discuss cyber security crisis management or general marketing and promotion please get in touch with OggaDoon.
