Crisis Communication Management During a Cyber Incident
Communication management is a critical component during a cyber crisis. An effective and well-orchestrated response can mitigate reputational damage, maintain stakeholder trust, and ensure optimal coordination of corrective actions. Below is a detailed guide on the communication strategy to adopt during a cyber crisis.
Crisis Preparedness
Crisis Communication Plan
Before a crisis even occurs, it is essential to have a well-defined crisis communication plan in place. This plan should include:
- Contact details of the crisis management team
- Roles and responsibilities of each team member
- Internal and external notification procedures
Pre-Drafted Messages
Prepare template messages for different types of incidents to save time during a crisis. These messages should be easily customizable based on the specifics of the incident.
Internal Communication
Immediate Notification
As soon as a cyberattack is detected, immediately inform executive leadership and IT management.
Activate the incident response team without delay.
Transparency and Composure
Be transparent with employees about the existence of the incident, while avoiding panic.
Provide clear instructions on actions to take (e.g., disconnect devices from the network, avoid opening suspicious emails, etc.).
Regular Updates
Communicate regularly about the evolution of the situation and the measures being taken to resolve the crisis.
Ensure employees know who to contact for questions or to report issues.
External Communication
Notify Stakeholders
Quickly inform clients, partners, and suppliers about the incident.
Use secure communication channels when sharing sensitive information.
Public Statement
Prepare a public statement to inform the general public and the media. This statement should include:
- Acknowledgment of the incident
- Immediate actions taken to contain the situation
- The company’s commitment to resolving the incident and protecting data
- Contact information for inquiries and support
Coordination With Authorities
If necessary, notify the relevant authorities (e.g., CNIL, ANSSI, etc.).
Fully cooperate with investigators to facilitate their work.
Communication Content
Acknowledge the Incident
Openly admit that an incident has occurred. Transparency is essential to maintaining trust.
Detail Actions Taken
Explain the immediate measures implemented to contain and mitigate the effects of the incident.
Reassure stakeholders that cybersecurity experts are involved in resolving the crisis.
Security Commitments
Reaffirm the company’s commitment to security and data protection.
Outline future measures planned to strengthen security and prevent similar incidents.
Provide Support
Offer information about resources available to affected stakeholders (e.g., hotline, support center, etc.).
Post-Crisis Follow-Up
Post-Incident Reports
After the incident is resolved, prepare a detailed report describing the nature of the incident, actions taken, and corrective measures implemented.
Ongoing Communication
Continue informing stakeholders about progress made in deploying enhanced security measures.
Request feedback to improve processes and future crisis communication.
The Role of Phishia
Phishia supports organizations in managing communication during cyber crises. Our cybersecurity and crisis communication experts collaborate to develop robust communication plans, prepare clear messaging, and coordinate response efforts — ensuring effective crisis management while minimizing business impact.
We also offer cyber crisis management exercises to test your organization’s readiness. Scenarios are developed based on ANSSI frameworks and methodologies.
