<img height="1" width="1" src="https://www.facebook.com/tr?id=272494640759635&amp;ev=PageView &amp;noscript=1">

How your organization should communicate DURING a cyberattack

By Bre Chamley

Here are 8 tips to better manage internal and external communications during a cyberattack.


A man looking at a computer.Every 39 seconds, your company is vulnerable to a cyberattack. It’s important to plan and communicate before a cyberattack occurs. However, if one does occur, you need to move quickly.

We are a trusted public relations advisor to cybersecurity companies and organizations seeking helpful expert guidance on corporate communication before, during, and after a cyber attack.


We’ve developed eight tips to better manage internal and external communications around a cyberattack. 


Audio: Listen to this article.



1. Mobilize your cybersecurity response team. 

One of the first things a company should do once a cyberattack occurs is mobilize their cybersecurity response team. This is a pre-planned team where each member has been properly trained for their position and understands how to properly protect the business from these attacks. This team can be internal or external (PR agency).


2. Identify the type of attack and communicate it efficiently. 

Acting quickly and appropriately, the internal or external crisis team must identify what type of attack is occurring and communicate the details and plan for said attack as efficiently as possible throughout the company. This can include issuing a pause on online employee activity or any other measure necessary once the attack has been identified. 


3. Report the attack.

Once the attack has occurred and been handled to the best of your company’s abilities, you need to contact proper authorities regarding the attack. You should contact the FBI and/or state and local law enforcement offices depending on the cyberattack. You will also need to report the attack to the Electronic Crimes Task Force, the Internet Crime Complaint Center, and the Federal Trade Commission. Lastly, you’ll need to reach out to your insurance carrier if you have cyber liability insurance. 


4. Keep employees informed.

While the cyber incident is occurring, you need to have a designated person to update employees as your company deals with the attack. Let them know what’s going on, what they should and shouldn’t be doing at the moment, and what you’re doing to protect their information as well as the company’s and consumers’ information. Maintaining communication will keep them in the loop and help relieve some of their worries.


5. Give actionable information. 

While communicating internally with any member of your organization or internal cybersecurity team, you need to be prepared to communicate with actionable information. Cyberattacks are scary. When updating employees, make sure everyone understands what to do. 



6. Communicate with customers.

Employees and internal stakeholders should be updated right away when a cyberattack occurs. However, it’s important when the incident has been resolved that you communicate it to the public and consumers as well. You want to be on top of the attack and let your customers know what happened from your point-of-view so you can better control the message and situation. This should be a part of your crisis communications plan. However, your internal PR expert or external PR team can handle this for you.


7. Communicate quickly.

This goes hand-in-hand with communicating with customers. You don’t want to wait around and let the message get out on its own. Instead, be the one to control the message. Ultimately, a cyberattack will cause some negative PR, but if you’re ahead of it and communicate quickly, the damage won’t be as bad. Be sure they hear the news from your company and not from social media. 


8. Be transparent, helpful, and empathetic.

Cyberattack investigations typically take longer to resolve, ranging from weeks to months. We’ve already discussed how you need to communicate with the public quickly, but oftentimes you won’t know all of the details of the incident until later. With that being said, be as transparent  as possible with the public about the current situation. 


Your message should also be helpful, pointing them to resources and letting them know if they need to take additional steps to protect their information. Lastly, the messaging should be empathetic. Your customers are going to be upset and anxious their information was extracted, so craft a message accordingly. 


Your internal corporate communications or external public relations firm can be your CISO's best friend when it comes to protecting the organization and its employees.


If you're currently experiencing a cybersecurity incident, book a crisis cybersecurity consultation. Not under duress but looking for help communicating about cybersecurity before a potential cyber attack? We can help you. Book a free cybersecurity consultation


New Call-to-action


Photo by Mikhail Nilov from Pexels

Topics: crisis communications, cybersecurity

Liked this blog post? Share it with others!


Comment on This Article

Blog Subscription

Recent Posts

Popular Posts