Crisis Communications firm CommCore helps organizations plan for the public relations and reputation management impacts of cyber attacks. Failure to create a cyber security communications plan and manage customer concerns around data privacy can destroy even the most respected brands and reputations. We work with Legal, IT, HR, and forensic teams to implement cyber-attack response communications to key stakeholders.
The latest data* reveals:
- Individuals impacted in millions: 53.35 (Statista)
- The average cost of a data breach attack is $4.35 million and trending upward (IBM)
- Ransomware is the most common cyber attack method (Forbes)
- Businesses experience ransomware attacks every 11 seconds (Tech Jury)
- “43% of cyberattacks target small businesses” (Tech Jury)
-
75% of organizations do not have a solid cyber security communications plan in place.
“We’ve been hacked.”
Cyber attacks, data breaches, and all manner of security issues related to customer and stakeholder data are making headlines at a record pace, and have been more costly than ever in our post-pandemic world.
In 2020, businesses were forced to quickly adapt their technology approaches, with many encouraging or requiring employees to work from home. New findings released by IBM in July of 2021 suggest that security may have lagged behind these rapid IT changes, hindering organizations’ ability to respond to data breaches.
Handling communications around cyber attacks has become more important than ever.
What is your cyber attack response plan?
- Are you able to communicate effectively with stakeholders in the “Golden Hour” after you discover your data, assets, or business operations have been compromised?
- Do you have an updated cyber attack response plan to immediately inform customers, investors, employees, boards of directors, law enforcement, regulators, and the media?
- Do your C-Suite, breach coach, and legal counsel collaborate to ensure that executive communications don’t harm your legal and financial positions?
- Do you have a cyber attack response plan in place to repair and restore your brand’s reputation?
CommCore offers proactive and reactive Crisis Communications and training services to help your organization both prepare for crisis, and manage its message in difficult times. We can help you create and implement your cyber security communications plan, as well as run simulations so your team is ready when crisis strikes.
CommCore has successfully helped clients plan for and manage their response to data breaches, including:
- Ransomware attacks
- Phishing incidents that include HIPAA Protected Health Information (PHI)
- Simulation and training for malware attacks (via CommCore’s PressureTest™ Crisis Simulation Training)
- Cyber attack planning for an organization that expects state actor penetration attempts
CommCore Offers the Following Cyber-Attack/Data Breach Services:
- Audit/Draft a Cyber Security Crisis Communications Plan
- Simulations / drills and crisis role-playing to build teamwork and improve response time
- Crisis Communications Training, On-Call Counsel, and Cyber Attack Response Implementation
- Legal and Regulatory Testimony Prep
- Reputation Management
CommCore is led by Andy Gilman, who provided crisis counsel to Johnson & Johnson during the Tylenol poisonings and has equal credentials in the cyber attack and data breach arena.
How to tell customers about a data breach
A cyber attack happens when an outside actor steals data or confidential information by electronic means, including via ransomware and hacking, usually targeting high-risk information and / or critical applications. A data breach is an unauthorized or unintentional disclosure of confidential information, and often happens by accident. In other words, a well-meaning person could unwittingly cause a data breach.
High-risk information includes:
- Names
- Birth dates
- Home addresses
- IP addresses
- Usernames
- Passwords
- Social security numbers (SSNs)
- Primary account numbers (PAN)
- Credit card expiration dates
- Lab results
- Prescriptions
- X-rays and MRIs
Some examples of critical applications include:
- Customer accounting systems
- Enterprise resource planning (ERP) applications
- Electronic health record (EHR) systems
- General ledgers
Developing a Data Breach Communications Plan
CommCore helps organizations inform customers, employees, the press, and other stakeholders when a data breach or cyber attack happens. This includes letting people know what happened in an honest and compassionate way, explaining consequences, describing what has already been done to manage the breach and what more will be done. CommCore helps organizations:
- Write a data breach letter to customers
- Create sample data breach notifications
- Answer questions from customers, employees, the press, and other stakeholders
- Create a script for media inquiries and stakeholders looking for additional information.
- Develop a data breach communications plan template
- Create an incident response communications template (“IR Plan)”
Of course, working with your IT department to minimize your organization’s risk is Step 1. But after doing so, you should be ready with a crisis communications plan specific to data breach and cyber attack.
Do you suspect a data breach or cyber attack?
Was your confidential or sensitive data stolen? CommCore can help you rebuild customer trust after a data breach or cyber attack happens. We can also help you plan your response before disaster strikes.
Learn More About Our Crisis Communications Services
- NYT Reporters Get Pressure Tested
- Crisis Communications Case Study: CommCore Advises J&J During Tylenol Tampering Crisis
- Industry Focus: Discover CommCore’s Expertise in Your Vertical
To schedule a PressureTest™ Crisis Communications Training Demo please contact our firm today.