Communicating after a Cyber Attack
A cyber attack creates an immediate communication challenge. Stakeholders — employees, customers, partners, regulators, and the public — need information, but you're operating with incomplete details in a rapidly evolving situation. How you communicate can significantly impact your organization's reputation and recovery.
Internal Communication First
Your employees should never learn about an incident affecting your organization from external sources. Prioritize internal communication:
- Alert employees that an incident has occurred (even if details are limited)
- Provide clear guidance on what they should and shouldn't do
- Establish a single source of truth for updates
- Give them talking points for customer inquiries
Customer Communication Principles
When communicating with customers:
- Be Timely: Communicate as soon as you have confirmed information. Silence breeds speculation.
- Be Honest: Don't minimize or hide the situation. Customers will find out eventually, and attempted cover-ups destroy trust.
- Be Clear: Explain what happened, what you're doing about it, and what customers should do (if anything).
- Be Empathetic: Acknowledge the impact on customers and apologize for the inconvenience.
- Provide Resources: Give customers a way to get more information and assistance.
Regulatory Requirements
Many industries and jurisdictions have mandatory breach notification requirements. To be ready to meet them:
- Know your obligations before an incident occurs
- Understand timelines for notification
- Prepare template notifications that can be customized
- Document all communication for compliance purposes
Media Relations
If your incident attracts media attention:
- Designate a single spokesperson
- Prepare key messages and talking points
- Be responsive but don't speculate
- Focus on what you're doing to address the situation
Ongoing Updates
Communication doesn't end with the initial notification. Provide regular updates as the situation evolves and as you learn more. When the incident is fully resolved, communicate the conclusion and any permanent changes you've made to prevent recurrence.
Preparation is Key
The time to develop your communication plan is before an incident occurs. Prepare templates, establish approval processes, and practice with tabletop exercises so your team is ready when it matters.