Every 39 seconds, a cyberattack takes place on the web. With that statistic, it’s easy to see how many companies fall victim to a security breach. Your business needs to prepare for when, not if, a breach happens.
Aside from the critical task of securing your network and data, one of the first orders of business after a cyberattack is handling public relations. It’s essential to get it right. A poorly handled response leads to a loss of trust and a negative company image. The good news, though, is that preparing a plan before it’s needed will ensure you can respond quickly and confidently, garnering public and customer trust and protecting your business image. Below are some ways your company can handle public relations after a security breach.
First, it’s good to know what you’re dealing with—in other words, what is a cyberattack? It is an unauthorized attempt to gain access to a computer or network with the intent to use, steal, destroy or share digital assets in the system. Hackers have discovered many ways to infiltrate computer systems. Malware, phishing and ransomware are a few commonly known methods. The reasons for a system attack are numerous. Usually, hackers are after financial gain, although they could be in it for political or personal reasons.
Respond quickly and sincerely
Data theft is serious, and customers need to know right away their information may be at risk. Make sure they learn about the breach from you—not from a press release or somewhere else. You may not have all the answers right away. The important thing, though, is to let customers know an incident took place. Communicate directly with them via email, phone or mailed letter. You might consider an information dashboard on your website where the public can find updated information.
Apologize to your customers for the disruption and inconvenience. They don’t want you to be defensive, even if you did everything you could to prevent an incident. Accepting responsibility takes power away from hackers and gives it to you. The public will know you’re in control and acting on their behalf.
Explain how you’re managing the breach
To regain your customers’ trust, you will need to outline your mitigation strategy. Tell the public what steps you’re taking to ensure this type of incident won’t happen again. Explain that you’re working constantly to repair vulnerabilities, secure your network and protect their information. Describe your plan to work with outside experts and build internal accountability.
Ensure communication is clear and straightforward
While it may be tempting to use jargon to explain the cyberattack, your communication with the public needs to be clear and simple. Anything complex can lead to more questions. Sum up the situation in a message that is easy to understand so there is little room for stakeholders and the press to get it wrong. The public will see you are trustworthy and believable and they won’t think you’re trying to hide behind jargon.
Once news of the breach reaches social media, you’ll need to monitor it closely. Stay on top of rumors, answer questions and dispel false information.
Your customers are probably unsure what to do next, and they will look to you for guidance. Explain what steps you are taking to protect them and how your services may affect them in the future.
You can extend help by paying for credit monitoring or identity protection. Consider giving customers a discount or free product to redeem in the future. Remind them to change their passwords, monitor their account for suspicious activity and avoid opening attachments on suspicious emails. Your actions demonstrate that you value them and have their best interest in mind.
Handling public relations after a security breach may, at first, seem like a nightmare. Surprisingly, it could become your finest hour. If your company rises to the occasion, you might find your customers trust you more than ever.