,

Dealing with cyber risks: An issue becomes a crisis when the media gets involved

We live in a digital age where we have to be aware of the many cyber risks that surround us. We have to be prepared for when our cyber security systems fail to protect us – because they will fail from time to time. In 2012, the personal information and credit card information of 77 million online users of Sony’s PlayStation were hacked. LinkedIn had 6.5 million encrypted passwords published on a Russian webpage where the hacker asked for help to crack the codes. These are large-scale examples but cyber risks are nonetheless issues that companies have to be prepared for. Because if a cyber-attack happens, the company leaders will be perceived as incompetent and unable to control their businesses, regardless of the fact that the company is the victim of a crime.

Prepare for the crisis

Crisis

So how can the company deal with the risks of cyber-attacks? Being prepared to handle a crisis goes a long way.

 

  • Know your weaknesses
    Know what might go wrong and what the consequences will be if it does. This should not be considered lightly and company employees might bring interesting arguments on the table, should they be consulted.
  • Introduce issues management to the company
    Issues management is about forestalling future events in order to protect the most precious part of a company: Its reputation. Issues management is a matter for the
  • company’s board of directors, just as risk management is.
  • Practice your crisis communication and train your media skills
    Having top management undertake media training and be put under pressure by journalists in a safe environment is the best way to practice for a real-life situation.

 

Being aware of the company’s weaknesses, introducing issues management to the board of directors and practicing communication and media skills will keep the company prepared for when the crisis hits.

 

Dealing with the crisisSecurity concept: Lock on digital screen

When the media gets involved, the issue becomes a crisis. A company in crisis, e.g. due to a cyber-attack, has to be aware of three central elements:

  • Recognition
    This is about realising that the company is in fact facing a crisis. To be able to realise that yes, it can and it does happen to us.
  • Speed
    When the crisis hits, getting the word out is extremely important. It must never seem as if the company tries to hide information.
  • Opinions
    Know your opinion. If the consequences of a crisis on stakeholders such as clients, employees, shareholders etc. have not been thought through, knowing what to say to the public and the media is almost impossible.

 

Recognising when the company is in crisis, getting the information out there and knowing what to say to the press are the fundamental rules in all crisis communication. Because if the communication is not handled well, the company will suddenly find itself in a double crisis, where both the original cause of the crisis, such as a cyber-attack, and the company’s handling of the situation will be news to the press.

An old quote goes: “A piece of news is something that someone does not want out in the open. Everything else is advertising.”

Know what to say and say it quickly. That will save a company in crisis for a lot of trouble.

 

job_sara_stendevad_04sh_smal

Author: Sara Vibroe Løppenthin Stendevad

GlobalCom partner Jøp, Ove & Myrthu CPH P/S, Denmark

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *