SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers

How to manage communications during a cyber attack

Thu, 17th Apr 2025

A cyberattack is no longer a matter of if, but when. As more organisations rely on digital infrastructure, the risk of being compromised grows exponentially. The reputational damage that can follow a breach is often just as severe as the technical and financial fallout. That's why a well-prepared communications plan is no longer optional - it's essential.

One thing is clear: how you communicate in those critical first hours can determine whether your organisation retains public trust or loses it.

Here's what you need to know to manage your response with clarity, credibility and control.

Preparation starts before the breach

The worst time to plan your crisis communications is when you're already in crisis. Build a cyber response plan that includes detailed communication protocols. This should involve:

  • Clear decision-making authority - know who approves messages and acts as your spokesperson
  • Pre-drafted holding statements for different scenarios
  • An up-to-date list of key internal and external contacts
  • Media training for anyone who may need to front the public


Your PR agency should be part of this preparation process. A good agency will help you assess likely vulnerabilities from a reputational standpoint and advise how to align messaging with your legal and technical response.

Move fast but don't get ahead of the facts

In a breach scenario, the pressure to respond quickly is immense. Customers want to know if their data is safe, regulators expect to be informed, and staff are confused and looking for leadership.

However, saying the wrong thing can be worse than saying nothing. Resist the urge to speculate or offer definitive answers until the facts are clear. Instead, issue a holding statement that confirms:

  • You are aware of a potential incident.
  • You are investigating it with urgency.
  • You are taking all appropriate steps to protect those affected.
  • You will provide updates as soon as more information is available.

Transparency and consistency are key. Don't create gaps that can be filled by speculation or misinformation.

Coordinate internal and external messaging

A major mistake companies make is failing to align internal and external messaging. Your staff are your ambassadors - or your liability. They talk to customers, suppliers and their personal networks. They may even leak internal emails to the media if they feel left in the dark.

Communicate regularly with your team and be honest about what is known and unknown. Empower managers with consistent talking points. Let your people know what you are doing to address the issue and how they should respond to external queries.

Externally, your media statements, social media updates, customer emails and stakeholder communications must all follow the same core narrative. Mixed messages erode trust and make your organisation look disorganised or evasive.


Take responsibility - even if you're still investigating

Too often, companies hide behind legal jargon or deflect blame in the early stages of a problem. But people want to hear that you care, that you're sorry, and that you're doing everything possible to fix the problem.
This isn't an admission of liability - it's an expression of leadership. Acknowledge the inconvenience and concern caused. If there's a delay in service, say so. If personal data has been compromised, confirm what kind and how you'll support those affected.

Use plain language. Avoid spin. Be human.

Use your experts wisely

While your CEO may be the face of the company, a cyberattack is a technical issue. Have your chief information security officer or IT lead ready to brief the media and stakeholders. However, ensure they are media-trained. Complex explanations or tech jargon can confuse rather than clarify.

Your PR advisor can help translate technical findings into accurate and accessible messaging. This is critical for restoring confidence, especially when communicating with customers or the media who may not understand the technology involved.

Monitor sentiment and adjust your approach

Once the story is out, the job isn't over. Monitor media coverage and social media channels in real time to understand how your messaging is being received and where further clarification may be needed.

You may need to adapt your approach if new facts emerge or if the narrative is heading in an unhelpful direction. A good PR team will stay close to media contacts and provide timely follow-ups to shape the story as it develops.

Communicate recovery and rebuild trust

When the immediate crisis is over, the communication work continues. Tell people what steps you've taken to prevent future breaches. If you've improved systems or changed vendors, say so. If you're offering support to affected customers, make it easy to access.

This is your chance to show leadership and resilience. Don't miss it by going quiet. Instead, reinforce your commitment to security and responsibility.

Learn, document and debrief

After the dust settles, review what worked and what didn't. Update your crisis communication plan accordingly. Debrief with your PR team, legal counsel and IT leads. Capture key learnings and ensure institutional knowledge is retained.
The next time an incident occurs - and it probably will - you'll be better prepared.

An ounce of prevention

Silence is not an option in a cyberattack, but noise without substance can cause lasting damage. A calm, coordinated, and compassionate communications response can help protect your brand's reputation when it's most at risk.
As a business leader, your role is not just to restore systems but to maintain trust. With the right advice and a clear plan, you can emerge from a cyber incident stronger than before.

If your organisation needs expert support before, during or after a cyber crisis, get in touch with Impact PR, the leading crisis communications and PR agency Auckland businesses turn to.