Check out our first two articles in this series, Cybersecurity crisis communication: What to do and Crisis communication: What NOT to do.
When a cyber incident happens inside an organization, everyone in the company has a stake in how to approach remediation. The problem is that not everyone agrees on how to handle the public response to cyber crisis communication.
Typically, in any organization, the public relations team handles the relationship between the company and the media, who then decide on how to spin the PR team’s information. And usually, that approach is fine — until there is a crisis to be managed.
Cyber incidents present an unusual challenge to the PR team because, in this situation, they aren’t (or shouldn’t be) the lead communicators.
Cybersecurity mature companies will have an incident response team that includes decision-makers from every aspect of the organization: the CISO, legal, HR, IT, the C-suite, public relations and marketing. In a perfect world, the incident response team will have a well-rehearsed statement for the media, customers and vendors as part of a cyber incident’s aftermath.
Cybersecurity teams and PR too often not on the same page
We don’t live in a perfect world, and in the chaos following an incident, there are often a lot of disagreements between what the cybersecurity team can or wants to reveal and the actual PR approach.
Disagreement ..
Support the originator by clicking the read the rest link below.