THE CYBER BREACH COMMUNICATION PLAYBOOK
  • Home
  • The Book
  • The Blog
  • Free Downloads
  • Contact us

WHY WE WROTE THE WORLD’S FIRST CYBER BREACH COMMUNICATION PLAYBOOK

5/10/2018

23 Comments

 
Picture
By Peter Coroneos (co-author)

When we looked at how 14 large organisations managed the fallout from a major cyber breach – the media coverage and public perception – what we saw was not pretty. 

As the former head of Australia’s Internet Industry Association for nearly 15 years, I’ve struggled with the challenge of cyber security and cultural change. I’m assuming most organisations and Boards now accept the reality of cyber risk and is taking proactive steps to manage it. That is not the purpose of this piece. The communication aspect is. It may seem secondary, but the consequences can be far reaching, and public confidence and brand reputation difficult to restore.

We’ve witnessed large, well-resourced organisations handle post breach communication so poorly that stakeholder trust fractures as the savage media assessment bites. The backlash in some cases resulted in executive resignations, public inquiries and sustained loss in shareholder value. 6 of the 14 breaches were due to third party (supply chain) risk, yet blame-shifting did nothing to aid market forgiveness. 

Naturally, one would hope that corporate external or internal PR and communication teams are all over this. However, we’d respectfully ask corporate leaders to reserve any conclusions to that effect in the light of one inconvenient fact. ALL of the organisations we’re talking here about had access to top PR advice and/or experienced communication professionals. 

So shocking was their management of communication, we felt compelled to write what we believe to be the first ever cyber breach communication playbook for Boards. The decisions that Boards make when the entity is under cyber attack can be irreversible. Cyber attack, post breach communication, the ethics of disclosure and compliance under our new laws are inextricably linked. We conclude that cyber breach communication is (like cyber risk management) squarely an issue of governance. This is our primary message.

When the Obama Administration asked me to advise on how we implemented one of the world’s most successful malware mitigation schemes, I was happy to tell them the secret lies in establishing the business case. We had to convince America’s top ISPs and telco’s to embrace proactive measures that turned out to be a win/win for the providers and their users. Today, nearly 100 million US and Australian internet users are safer. That would not have happened had we failed to parlay practical measures into a sound communication strategy.

Just to be clear, we have no interest in fear mongering or overhyping the cyber threat. But we did want to provide clear guidance of a practical nature, so that if organisations are faced with say a ransomware demand, they have a decision making framework to help ask the right questions. And a communication strategy, sample statements for media and social media and an internal capability in place that is based on ethics, openness and maintenance of public trust. Our aim is to equip Boards with rapid and competent decision making power – asking the right questions is 80% of getting the right solution.

Our handbook for executive leadership and Boards is not technical, it’s pragmatic, easy to read and defines excellence at the governance level. The companion workshop builds pre-breach capability so companies are ready with pre-worked communications to get ahead of the story.

Seeing the likes of Uber, Target, the Australian Bureau of Statistics, etc so poorly handle the post breach communication was a real wake up call for me. These are big enterprises, obvious cyber targets, yet their knee-jerk reaction (based   presumably on the advice of their PR and comms people) was to DELAY, DENY and DEFLECT. In the end they paid the price.

My co-author Michael Parker and I bring an unparalleled depth of experience and insight based on our respective areas of expertise – myself in leadership, cyber policy and governance and he in high stakes corporate communication. 

In our primer, we cover emerging threats, the compliance landscape then give you two worked-through scenarios based on real cases, with sample communications and statements for the Board and CEO. We include a Board decision making framework for a ransomware attack. Detailed flow charts show processes to be undergone. The companion workshop develops process and content customisation for each entity's unique configuration and risk posture.

Our premise is that a major cyber incident is not a matter of if, but when. The challenge is how to get communications ready in advance, how you build a reservoir of trust you can draw on, and how to act and been seen to act in the best interests of those whose information you hold (employees and customers).

23 Comments
https://resumecompaniesreview.com/topresume-review/ link
27/6/2020 10:25:42 pm

Cyber breach communication is the new trend in this world. We can observe the different trends in today's generation. Let us be open to the different opportunities for this will make us all better. Let us make the most out of every situation. It will be a good promise for all of us to consider in our lives. I will throw a party for the whole crowd. It will be a good plan for all of the people

Reply
mybkexperience link
9/6/2021 03:56:09 am

I found this on internet and it is really very nice.
An excellent blog.
Great work!

Reply
RubyGaby link
23/6/2021 02:24:16 pm

Excellent article! Thank you for sharing this informative post, and looking forward to the latest one.

Reply
Milla McKinney link
23/6/2021 02:32:17 pm

Very much helpful article! Thank you for sharing this informative post, and looking forward to the latest one.

Reply
SummerBini link
24/6/2021 03:00:48 pm

Great article! Thank you for sharing this informative post, and looking forward to the latest one.

Reply
Brittany link
8/8/2021 07:53:57 pm

Great post thankyou

Reply
Brandon Willis link
13/10/2022 11:18:52 pm

Draw wish PM. Probably thus listen sure place play allow.
Become trial together drive where. Eight next deal together.

Reply
Mary Moore link
19/10/2022 12:28:41 am

One of the most important bits of information, in my opinion, is this. I enjoyed reading your essay, too. I liked how you explained.

Reply
Carol link
27/10/2022 03:49:25 am

Great and excellent article.. Thanks.

Reply
SopiaDC link
29/10/2022 05:13:52 am

Thanks for this helpful article. Hope to read more soon.

Reply
Ruth link
1/11/2022 03:46:23 am

Thanks, love to read more of this informative and amazing article.

Reply
marites link
1/11/2022 04:10:57 am

Nice post and looking forward to read more. Thanks

Reply
Letitia R link
21/12/2022 05:04:47 am

Love your post I will continue reading your post. Thanks. Register here : https://www.7xm.app/register?affiliateCode=pn9sx

Reply
Marites link
28/2/2023 04:14:10 am

Nice post and looking forward to read more. Thanks. https://www.7xm.app/register?affiliateCode=mwwom

Reply
Ruth link
3/3/2023 03:29:18 am

Thanks, love to read more of this informative and amazing article. Click :https://www.7xm.app/register?affiliateCode=mwwom

Reply
Carol link
3/3/2023 04:03:32 am

Excellent article.. Thanks. please visit: https://www.ye7.app/register?affiliateCode=voh66

Reply
topslot link
5/3/2023 11:29:47 pm

Good and informative article... thanks. https://www.ye7.app/register?affiliateCode=pgf38

Reply
Gretel link
12/3/2023 09:40:47 pm

Thanks for this very great article. Next article please. Try visiting this link please: https://www.7xm.app/register?affiliateCode=3isg4

Reply
Elasmo link
13/3/2023 12:24:48 am

Very informative post, looking forward for more.. Thanks . Register now: https://www.ye7.app/register?affiliateCode=rbq9e

Reply
JM Cruz link
14/3/2023 04:27:51 am

Love your post I will continue reading your post. Thanks. Register here : https://www.7xm.app/register?affiliateCode=pn9sx

Reply
hopia link
17/3/2023 03:22:06 am

This article is helpful. Thanks. please visit: https://www.ye7.app/register?affiliateCode=9h7nw

Reply
Mariel link
21/3/2023 03:22:16 am

Nice post and looking forward to read more. Thanks. https://www.7xm.app/register?affiliateCode=20id4

Reply
Onlinepoker link
23/3/2023 04:39:58 am

Thanks for this very great article. Next article please. Click: https://www.7xm.app/register?affiliateCode=xnckb

Reply



Leave a Reply.

    Authors

    Thoughts on current cyber breach issues and some personal reflections on the Playbook's ethos and future development.

    Categories

    All
    Writing The Playbook

    View my profile on LinkedIn

    RSS Feed

© 2018-2020  ALL RIGHTS RESERVED   |   PRIVACY POLICY                       THE BOOK   |  THE BLOG   |   FREE DOWNLOADS  |  CONTACT US
  • Home
  • The Book
  • The Blog
  • Free Downloads
  • Contact us