Solomon McCown President Ashley McCown was a panelist Thursday morning at a breakfast event entitled How to Prevent, Detect and Deal with Cyber Security Breaches as part of the Annual General Counsel East Conference. The panel took place at the New York Marriott Marquis in Times Square.
Fellow panelists Johnny Lee, forensic expert from Grant Thornton and attorney Darren Traub of Akerman LLP made the case for having public relations counsel on an organization’s response team. The presence of a PR professional is critical to effectively preparing for, reacting to and managing the fallout from a data breach.
Throughout the hour-long conversation, Ashley offered some important tips for how members of an organization’s leadership team should communicate during each phase of a cybersecurity breach.
Prevent: Companies should identify the members of their crisis response team ahead of time so that communications protocols are established well before a breach occurs. This can save precious time after an event, when the first 24-48 hours are absolutely critical. Once your team is in place, having a tested and trusted crisis response plan in place is a must as policies and procedures should be well understood long before a threat or a breach ever transpires. These procedures should be reviewed and tested in table-top exercises, a simulation during which vulnerabilities can be recognized, worked through and the plan refined.
Detect: This is the phase where a transparent and rapid response is key to protecting your organization from serious reputational damage. With your team and plan in place, you’ll be ready to communicate to important audiences, including employees, customers/clients, regulators and the press. You should also be prepared for the possibility of law enforcement involvement, which will undoubtedly complicate matters—including the communications piece of your response plan.
Deal: Again, the first day or two after a breach is the most crucial window for damage control on all fronts: Forensically, legally and from a public relations perspective. But as time passes, organizations will share lessons learned and dissect how a breach occurred. Communications professionals can learn a lot by taking note of which elements of the breach were reported on in the press and blogged after the fact. Were the tone of the stories neutral or negative? Were there follow-up stories? Which audiences were quoted and what were they saying? You can then update your plans and procedures to reflect what you learned.