Even with the strongest technical controls and solid governance plans in place, data breaches happen. At FireOak, we work with clients on strategic crisis communications planning to help mitigate a PR nightmare and potentially devastating hit to your reputation in case the unthinkable does happen.
Every organization, no matter the size or sector, must have a Information Security Incident Response Plan in place well in advance of an incident occurring. This plan should be refreshed frequently and everyone in leadership and on your communications team must be well-versed in its contents.
The critical components of this plan must include:
- A clear timeline. Remember that in today’s news cycle, a rapid response is crucial. However, you must not wing it. What you say and do, or don’t say and do, in the first few hours of the news breaking will dictate how the story unfolds in the long term.
- Modifications for a number of different situations. While you can’t predict every scenario, you can make some educated guesses and have mapped out plans for every situation.
- Clearly defined Information Security Incident Response Team. A small group of your most trusted and senior people from the executive office and communications team will be assigned and responsible for every action item on the Information Security Incident Response Plan.
- An internal communications plan. No employee wants to feel like they are in the dark. This is especially true for something as important and scary as a data breach. Additionally, they need to know what to do if a journalist, friend, or family member asks them about the news. Your employees are your best allies. Give them the tools to help you.
In addition, it’s important that your organization practices what to do. There is a reason that we don’t stop participating in fire/emergency drills after leaving school. When a crisis happens, our brains react completely different than they do under normal circumstances. Run through your crisis communications plan frequently so it becomes completely familiar to you.
Hopefully you will never need to use this Information Security Incident Response Plan, but being prepared for a worst-case scenario will ensure that you can immediately respond to anything.
