Today, companies across industry need cybersecurity PR expertise to help respond in the likely event of a breach.

4 Tips for Data Breach Crisis Planning

Today, companies across industry need cybersecurity PR expertise to help respond in the likely event of a breach.

With tensions rising between the Western World and Russia, the Cybersecurity & Infrastructure Security Agency (CISA) is warning of a heightened risk of cyber attacks on businesses and critical infrastructure operators. But the fact is, these threats have been rising rapidly since the start of the pandemic. In fact, our client SonicWall recently released a global threat report that found rising threats across the board, with ransomware volume rising 105% and never-before-seen malware variants up 65% in 2021.

At ARPR, we’re lucky to receive security advice from our clients who are some of the best in the business. For example, our password experts at Specops Software just released a Weak Password Report that says typical password best practices may no longer be enough to guard account security. Now, multi-factor authentication and blocking weak and breached passwords is required. Additionally, Auvik identified proactive network monitoring as a critical way to identify suspicious activity early before it causes damage.

But something else our clients have shared? Threat prevention is no longer enough. It is equally important to prepare for potential security incidents, including the development of incident response and crisis communication plans. 

Here are some steps to help you get started: 

1. Establish an A-Team. Who needs to be looped in should a cybersecurity incident be identified? To start, likely your security, legal, marketing, and PR teams. Figure out what that chain of command looks like and include it in all incident and communication plans. 

2. Align with risk and security teams on an incident response plan. What should an employee do if they suspect their account has been compromised? What if they discover a larger security incident? An incident response plan is essential for informing employees what to do in the event of a potential security incident.

At the very least, employees need to know who to report to in the event of an incident (see tip #1). But a thorough incident response plan should also include preparation, remediation, and recovery steps to guide your team’s response from start to finish. We even have one at ARPR that all of our employees are required to review and sign when they first join the team!

3. Develop an actionable crisis communications plan that includes data breach scenarios. In addition to initial reporting processes, how do you communicate with internal and external audiences about a security incident? A crisis communication plan can help to guide your response to various stakeholders so that you know when and how to respond, with guidance on various steps, timing, and messaging in the event of a breach or other cybersecurity incident.

An effective crisis communication plan can help to minimize reputational damage both on and offline while reassuring employees, customers and investors that you have the situation under control.

4. Retain a PR agency to help quickly act on crisis communication plans. Remember that you aren’t alone in the event of a crisis. We’re here to help, with a team of experts well-versed in cybersecurity PR and crisis communications.

Contact ARPR today to learn about our crisis capabilities from initial planning to implementation.

Willa Hahn
Willa is a Senior Account Director within Alloy's cybersecurity practice group. With a passion for storytelling, Willa drives results through bold content and executive thought leadership.