Specialist cyber incident response cover is essential

The Myth:

It's OK. I think we can probably handle it all ourselves

Tech teams often attempt a DIY fix before calling for help, by which time the impact and exposure have magnified significantly

On top of this the textbook approach AND the traditional crisis management techniques simply don’t work with a cyber incident.

The Reality:

Specialist support is essential - for incident response, cyber law, reputation management and social influence

It is almost impossible to dislodge dominant players in any market. However, those with a strength in crisis preparedness see massive disruption events as unique opportunities to capture the market leading positions while incumbents and other flounder.

Traditional crisis management and reputation management techniques simply don't work with a cyber incident

PR and crisis management textbooks will recommend containment to hush up an issue. Then once it becomes public you show empathy with other victims in order to gain sympathy from the press and public.
With a cyber incident containment is possible on account of mandatory GDPR disclosure rules. It is also almost the only crime where the victim of the crime (you) will be seen as the villain. Consequently putting executives forward for interview seeking to show empathy won’t gain you any sympathy. It’ll simply put them in the firing line. A totally different approach is required.



Here is what you need to do when you face a cyber incident:

  • The technical fix: Get expert help from a specialist security response team to identify and the fix problem(s), and do forensics to diagnose the cause and full scope. Getting an immediate fix to resolve the problem, stem any data loss and recover any systems is essential. Any delay will magnify the impact of the incident and damages incurred
  • The legal defence: Seek expert advice in cyber and data law to rapidly develop a legal strategy and a legally defensible narrative based on the forensics. Having the right legal strategy and narrative are both essential to limit legal and regulatory exposure
  • The brand defence: Get expert cyber comms support to help your internal and agency teams deal with the added complexity and enhanced comms workload. The standard PR approach to crisis management simply won’t work in a cyber incident and may even make things worse
  • Social response: Get top global privacy/security influencers to act as trusted voices to counter misinformation with authority and hysteria with reach and credibility. To counter misinformation and hysteria when your own credibility is at an all-time low, you’ll need the support of authoritative opinion leaders in privacy and security