MONDAY 7 SEP 2020 2:52 PM


A cyber-attack has always been a tricky communications moment to navigate, but how have things changed now that we find ourselves in a state of almost permanent crisis? James Melville-Ross, senior managing director of strategic communications at global business advisory firm FTI Consulting ,explores the different means with which companies can communicate through a cyber breach at a time of general crisis.

As with all crisis comms, the answer comes down to three basic tenets – what you say, how you say it and how quickly you respond. If anything, the current pandemic has served to reinforce these points.

Over the last three years, we have developed a series of studies, called ‘The Anatomy of a Crisis’, which investigate how companies respond to different types of crisis. Our latest study focuses on cyber security, examining the financial, operational and reputational impact of 300 cyber breaches over the past ten years and the ways in which companies have responded.

In it, companies report lost revenue, lost customers, loss of value, regulatory fines and litigation as some of the consequences of cyberattacks. The impact is also felt internally in terms of lost employees and hiring opportunities.

So how does this effect the way you respond?

What you say:

A striking aspect of this pandemic has been the softening in tone that we have seen from businesses. Corporate jargon appears, finally, to have had its day and we have witnessed a significant personalisation of comms as CEOs grapple with announcements that often convey hard messages.

Our study showed that only 26% of companies issued an apology as part of their statement in response to a cyber breach and one wonders whether that will change in the light of this significant softening in corporate tone. For those who do apologise, the study shows that the share price drop and media interest is halved compared to those who don’t.

How you say it:

You can expect to see a 10x rise I media coverage if you suffer a cyber breach, so you should be prepared for more interest than you might be used to. Our study also shows that the type of data your organisation loses will have a big bearing on how your share price reacts and how much media coverage will emerge. The share price reaction to the loss of sensitive data (eg. full customer details) can be as much as ten times more significant than for data which contains less information (eg. just home address). Make sure you factor that consideration in to your crisis response planning.

Also, with so much media focus at the moment given over to the corona virus, the way in which your story fits in with that narrative is worth considering as you prepare your response. For example, if your breach has occurred as a result of poor home office security arrangements, then you should be prepared for more interest than from an external hack.

How fast you move:

Speed is of the essence. If you don’t frame your role in a Cyberattack early on you quickly become the villain, not the victim.  It is important to take control of the narrative and demonstrate the action that you are taking before things get away from you. Our first Anatomy of a crisis analysis showed a substantial deterioration in public perception the longer a company took to apologise after a crisis.

As for the pandemic, we have seen this aspect play out in the ways in which the media have responded to the various company statements. Those companies who were out early with their plans and recovery packages saw far greater levels of support than those who were slow.

Perhaps more than ever, the timeliness of your crisis response is key.