The year 2011 was a year filled with news about cyber attacks. In August of that year, one cyber hacking group released a video announcing an imminent attack against an organization I was working for at the time. The video had shown up in my media clips four days after it was posted to YouTube.
Now we had a comprehensive crisis communications plan, we drilled our senior leadership at least once a year and considered ourselves very ready for any crisis situations. We had also survived several over the years. But this was different and we were not ready.
This crisis was a new form of crisis – a very fast-moving one that targeted our databases, IT systems and online brand – from our social media accounts to our website. The reality was that these systems had potentially already been breached by the time we learned of the video on YouTube.
So how did we handle it?
Engaging a crisis communications team immediately. Within 24 hours of discovering the video, a crisis communications team was formed and consisted of senior leaders within the organization. They represented the critical functions of the organization and were nimble enough to make instant decisions. The CEO had assigned a Chair for the team giving the team full range to explore and act on options.
Researching other attacks and how other organizations responded. Research was conducted on the hacking group as well as how other organizations responded. This helped us understand the scenario we were in and gave us context for developing a crisis communications plan that would effectively navigate us through the situation.
Tailoring the crisis communications plan to a new type of crisis. We had no way of knowing whether our social media and website had been breached; therefore, we had to find other channels to communicate out from if our standard channels were no longer under our control. The plan was quickly refocused towards how we would handle the take over of our social media accounts and our website – creating new accounts and securing a new temporary url.
Enlisting the assistance of cyber security experts. Conversations were held with cyber security experts to understand the type of threat we were facing and what level of concern and the amount of resources we should dedicate to shoring up our systems. Their expertise and advice was invaluable to us in understanding the tactics used and how we could overcome those tactics.
Keeping staff informed and in the loop. Staff was consistently kept in the loop on a daily basis through emails from the Chair. This is extremely important as the stress of the situation and “not knowing” can slow operations and seep out to stakeholders, impacting trust in the organization, and ultimately, the brand.