By: Niko Radityo – Associate Director of Fortune PR
Cyber security issues are increasingly common today. Any business can find itself in the frightening position of watching their brand being taken by a cyber breach. So fully integrated preparedness is the only way to minimize both financial damage and a loss of credibility and trust.
Remember the last ransomware WannaCry cyber attacks happened in Indonesia and across the globe? The malware affected critical resources, blocking access to data belonging to two Jakarta hospitals. How about when Telkomsel’s website got hacked last April, or when a group of teenagers hacked into Tiket.com and siphoned Rp 4.1 billion ($308,000) worth of airline tickets from the website?.
In the age of social media and the 24/7 news cycle, threats to cyber security that companies face can have a significant long-term impact on their corporate reputation. How a company communicates about a breach is an essential part of breach response. But before that, a PR must first notice the cyber breach news landscape so they can take a preventive action.
When a breach happened and a confidential information went public, incidents are often leaked to the press prior to completion of a full investigation. The pressure from the media to disclose more information quicker is much higher than ever before. Companies often face several waves of news cycles over the course of the breach that must be managed, and social media is making it possible for information about a breach to spread quickly.
The Need for Crisis Planning
Effective preparation addresses the entire crisis management lifecycle of readiness, response, and recovery. This will present opportunities to protect the organization from risks, costs, and damage. Also, to strengthen the organization’s defenses going forward.
First, companies must be ready to face the cyber threat. Readiness can be done through establishing a 24/7 monitoring system, providing a well-prepared team to deal with all aspects of a cyber incident or crisis with detailed roles and protocols. Companies must also make an action plan, and conduct a crisis response simulation, making sure of the readiness.
Second, the company’s coordinated and rapid responses limit the loss of time, money, and customers, as well as damage to reputation and the costs of recovery. The company’s PR must be prepared to communicate across all media, including social media.
Finally, lesson learned! The recovery step focuses on returning to normal operations and limit damage to the organization and its stakeholders after the crisis. Post-event steps include assessments of the causes and of the management of the incident or crisis, monitoring, and stakeholder relations. Remember, the goal of cyber security is to develop a secure, vigilant, and resilient organization.