The role of PR in crisis management during a cybersecurity breach

by Dmytro Sokhach | May 6, 2024 | Public Relations

Hacker or phone scammer in hood hacking at computer

We live in a world of digitalization that rapidly switches from physical paperwork to electronic. That creates massive amounts of data you need to store and protect. Cybersecurity knows numerous ways to keep terabytes of vulnerable information safe.

Nonetheless, cybersecurity breaches happen. They cause damage not only to the property and value of companies but also to their reputations. This is when the PR department needs to stand up. It is possible to overcome such a crisis with the right management and correct actions.

What types of cybersecurity breaches exist and what damage do they cause?
How does the PR department face these crises and overcome them?
Major cybersecurity breaches and how PR solved them

Let’s take a closer look at these questions and their answers below.

Source

Cybersecurity and breaches

Every company from small to large holds valuable data and runs services requiring protection. Security measures focus on keeping such information hidden and unavailable to third parties. However, they still try to steal and benefit from it. In recent years the number of data breaches increased by 15 percent, while in 2023 they cost $4.45 million. The most terrifying part is that the number of complaints on internet crime of different levels continues to increase.

To reduce the number of potential cases, we celebrate October as Cybersecurity Awareness Month. Leading companies and institutions of the industry talk about ways to improve online safety.

From the Annual FBI Report on Internet Crime 2023

Kinds of security breaches and their PR consequences

In the meantime, individuals, companies, and governments utilize lots of technology solutions to optimize their work processes. As devices and software are not perfect that allows hackers to find ways to cause damage. Among different kinds of cyberattacks, the following ones stand out the most according to Forbes Cybersecurity Statistics.

Phishing is the most common option that hackers use. It comes as deceptive texts, emails, and other forms of communication to interact with targets. They aim to get login credentials, personal financial information, etc. to steal money or to get access to valuable data.
Malware is any kind of virus that disrupts operations, compromises data safety, and can provide access to hackers. It often results in ransomware when cyber attackers demand money to return data that they have stolen.
Distributed Denial of Service (DDoS) focuses on disrupting the functionality of online services by overwhelming target systems or networks with malicious traffic. That mainly causes financial losses through the unavailability of services leading to customer dissatisfaction.
Data breaches are large accidents in cybersecurity when hackers manage to gain access to databases with valuable information. That compromises user accounts and other sensitive data which results in damaged reputation and further fraudulent activity toward victims.

Quite often hackers utilize multiple kinds of cyberattacks to reach their goals. Such increased activity in recent years is explained by the simplified accessibility to tools and methods for hacking.

PR crisis management during cybersecurity breaches

When a cybersecurity breach happens, it means that damage is already done. It may result in service malfunctioning and sensitive data leaks. After that technical departments try to solve issues as fast as possible while PR management tries to mitigate the consequences.

Mainly it starts even before the actual cybersecurity breach. Most companies have strategies with procedures on what they need to do when a crisis happens. The public relations department becomes in charge and draws all the necessary company resources.

Each strategy focuses on specific kinds of crises. Such a customized approach allows for addressing issues with higher precision.

Damage evaluation

Everything begins with an understanding of what has happened. PR teams assess the situation, its causes, consequences, and possible solutions. All of that information is crucial for proper communication with the public.

Immediate response actions

Depending on the kind of cybersecurity breach, the first ones to experience it can be a company or its clients. The second one may result in a stronger impact due to the delay in finding out that something has happened.

In both cases, it is crucial to take rapid action and inform the affected ones and other potential victims. Waiting often leads to an increased number of involved individuals. With correct notifying actions, the crisis won’t continue to grow.

Additionally, it is important to check how widespread news has become. Has it been to mass media and social networks? How popular is this accident around the internet? Answers to these questions greatly help the PR team to develop proper communication.

The PR team is preparing a strategy for a soft launch in 2024, which includes managing how the news is presented to the public. It will be an opportunity to control the narrative before the news potentially reaches a wider audience. This approach ensures that during the soft launch in 2024, the team can gauge and address public reaction effectively.

Utilizing various communication channels

Which form of communication is better? There is no definitive answer on one specific option. The goal of the PR team is to deliver the correct message to the right audience. Thus, the use of multiple means together helps achieve desired outcomes.

Official website

Publishing a detailed message on the official website ensures that everyone who is looking for information on the issue can find a trustworthy answer. That reduces misinformation from unreliable sources.

Press release

With a press release company can cover multiple media outlets simultaneously. Moreover, it keeps the same narrative while providing additional context to an audience.

Social media

As most companies conduct their marketing on multiple social media platforms, they are effective tools to notify the audience of cybersecurity breaches.

Email

Many individuals, customers, employees, and stakeholders stay in touch with the company via email. It allows reaching all of the affected directly and in a personalized manner.

Direct mail

Sending a physical mail is not a fast option to notify an individual. On the other hand, it is an excellent way to demonstrate how much the company cares about such recipients.

Internal communication

Frequently PR crisis management speaks about communicating with an outside audience. However, it is crucial to promptly inform internal employees of the breach, so they can take all the necessary safety measures. It can manifest via staff meetings and emails.

Hotlines & client support

As affected individuals can be the first ones to experience cybersecurity breaches, they’ll try to get in touch with company support. For that reason, PR departments develop instructions for fellow employees that can handle communication with clients.

Influencers

One of the ways to deliver the message that you want to a large audience is to cooperate with influencers. They can create decent resonance across social media.

Crafting messages and maintaining consistent communication

In communication with the public, it is crucial to remain honest. Denying cybersecurity breaches when they have obviously occurred sets untrust. That is why PR representatives deliver trustful information on causes and consequences.

Another point is understanding what the audience wants to hear. Mainly it is about terms and actions to solve the issue with measures to prevent it in the future. This is where it is crucial to make clear and affirmative statements, which will be fulfilled. That increases the chances for positive acceptance from the audience.

When addressing cybersecurity and financial stability, Canadians often seek reliable investment platforms; hence, they might ask about the best place to buy crypto in Canada. In the context of protecting digital assets, knowing the best place to buy crypto in Canada becomes essential for secure transactions. For those interested in diversifying their portfolio as part of a broader risk management strategy, identifying the best place to buy crypto in Canada is a common starting point.

Signs of effective PR crisis management

The effectiveness of PR crisis management greatly manifests via public response:

Receiving support and compassion.
Remaining loyal to a brand.
Keeping valuable partners.
Not losing company reputation.

Depending on how well the PR team can handle a crisis it may even result in some positive outcomes:

Improved self-representation as a loyal company to clients.
Showing the ability to effectively deal with crises.
Preservation of market share value.
Ensuring stakeholders in the positive future of a company.

It is much easier to see the role of PR in crisis management during a cybersecurity breach in real-world examples.

Real-world cases of PR crisis management during cybersecurity breaches

SolarWinds attack

SolarWinds is a prominent company that focuses on the development of management and monitoring software with a client base around the globe. In December 2020, its Orion system was hacked with a supply chain attack. It allowed the insertion of malicious code that provided hackers access to the personal data of users.

Upon finding out about the cybersecurity breach SolarWinds rapidly notified the public. Next, the company asked for Microsoft’s assistance to deal with the issue.

Clearview AI data leak

Another breach happened with the Clearview AI breach, which leaked billions of facial images without consent. While the company ensured that service had patched the issue, other privacy issues continue to arise. It could follow GDRP conditions that resulted in penalty payments.

Such inability to follow required policies in different jurisdictions negatively influences public relations and company reputation.

EasyJet breach

EasyJet is a popular low-cost UK airline that experienced a phishing cyberattack from October 2019 to March 2020. It primarily aimed to steal vulnerable personal and financial data. To mitigate the consequences, the company informed all their clients and even provided compensation. Such actions helped to overcome the case.

To sum up

Cybersecurity breaches can be devastating to businesses. That is why PR crisis management can greatly change the outcomes to the positive side. Therefore proper preparation, excellent strategy, and honest communication can play a crucial role in public relations.

Dmytro Sokhach

Dmytro Sokhach is an entrepreneur and a 6-Figure Flipper Club member. Founded Admix Global (web agency) that builds websites, makes them profitable, and sells them as business.

RECENT ARTICLES

The double-edged sword: The risks and rewards of AI examined in new study—does productivity boost counter security and privacy risks?

AI security and governance have taken a back seat to the business-boosting promise of AI so far in the young life of the wunderkind tech, as business leaders froth at the mouth imagining the realization of AI’s potential. New research from data security firm Immuta...

7 ways digital assistants are changing the media outreach game

In the landscape of public relations, digital assistants have emerged as game-changers. For media outreach professionals, understanding and leveraging these tools is no longer optional but essential. These sophisticated aids streamline processes, personalize pitches,...

Why ambush marketing should be an option during the Olympics—as long as no laws are broken

It’s almost Olympics time again, and soon the International Olympic Committee (IOC) will again pull out its crying towel and complain about ambush marketing campaigns aimed at sponsors of the Paris Summer Olympics, which will be staged in the City of Lights from July...