Business Continuity Management / Disaster Recovery , CISO Trainings , CrowdStrike Outage Updates
How to Lead When a Crisis Occurs
Tips on Managing Public Relations in the Face of a Cyber IncidentCybersecurity incidents are not just technical problems. They are also major public relations challenges. Effective IT and cybersecurity leadership during a crisis can significantly affect your company's reputation, stakeholder trust and overall recovery. Technical errors and cyber incidents are inevitable, but how you handle them as a leader can have a big impact on your career.
See Also: How to Unlock the Power of Zero Trust Network Access Through a Life Cycle Approach
Here are some tips to help you act as an ethical, decisive and transparent leader:
- Create and follow an effective crisis communication plan.
Last week, CrowdStrike experienced a huge global outage due to a faulty update to its Falcon software. During the crisis, the company's communication strategy has been focused on providing clear, consistent updates and technical support. CrowdStrike, as of this writing, is maintaining open lines of communication.
It is important to have a well-defined communication plan in place for crises. This plan should include predefined steps for internal review and designation of authorized spokespersons, as well as clear guidelines for public disclosures.
- Honor public commitments.
In September 2022, Optus, an Australian telecommunications company, suffered a massive data breach that exposed the personal information of up to 10 million customers. Its CEO publicly committed to conducting an independent external review of the cyberattack and promised to share the findings with the public.
After the investigation was completed, Optus sought to keep the report confidential, citing legal privilege. The Federal Court of Australia ruled against this, saying that the investigation's primary purposes included identifying root causes and reviewing cyber risk management, which were not solely for legal advice.
Making a public commitment about transparency binds your company legally and ethically to follow through. Carefully consider any public statements you make, and be prepared to uphold them.
- Communicate proactively and transparently.
CrowdStrike has been responding to the outages swiftly and has provided remediation guidance and workarounds to affected customers. The company is making sure customers are informed about the issue and the steps they need to take to resolve it.
Being transparent during a crisis helps you manage public perception and maintain trust with clients.
- Balance legal and public relations considerations.
In a crisis, companies must work closely with their legal and PR teams to ensure that their communication strategies comply with legal requirements and at the same time maintain public trust.