The Role of a Public Relations Specialist in Cyber Incident Response

When cyber incidents strike, organizations need to respond swiftly and effectively to limit related losses. As such, it’s crucial for organizations to adopt detailed cyber incident response plans. These plans should outline specific steps organizations can take to maintain key operations and avoid large-scale disruptions and damage during various cyberattack scenarios, including data breaches, phishing scams and ransomware events.

Maintaining sufficient communication protocols is a primary element in any cyber incident response plan. These protocols can help organizations keep stakeholders and the public properly informed throughout cyber incidents, reducing the risk of possible miscommunication concerns, reputational damage and revenue losses.

The best way for organizations to establish solid communication protocols amid the cyber incident response process is by working with public relations (PR) specialists. These professionals are typically responsible for developing, executing and updating organizations’ communication strategies as needed to help promote a positive company image. This article provides more information on the role of a PR specialist in an organization’s cyber incident response plan and explains how cyber insurance can facilitate access to specialized PR services, ultimately enhancing incident response efforts.

PR and Cyber Incident Response

A PR specialist can assist an organization with several communication initiatives throughout the cyber incident response process, including the following:

• Crisis communication planning—Once an organization has assembled the rest of its cyber incident response team (e.g., IT experts, legal counsel and HR professionals), a PR specialist can help identify key roles and responsibilities for each individual. Doing so can establish a clear chain of command and outline specific crisis communication methods for these individuals to follow when a cyber incident occurs, keeping everyone in the loop as they navigate their assigned response measures. Regarding their responsibilities, a PR specialist can compile a list of stakeholders who should be informed of cyber incidents amid different scenarios and put together pre-written email or text message templates to ensure prompt delivery of important incident developments and recovery progress to these parties.  
• Timely messaging—Transparency is key when responding to a cyberattack. By collaborating with the rest of the cyber incident response team throughout an attack, a PR specialist can aid an organization in communicating openly and honestly with stakeholders regarding the latest incident updates. Specifically, a PR specialist can utilize their pre-written templates to provide precise and accurate messaging that summarizes incident details and highlights resolution steps on a suitable communication schedule, such as hourly updates. This messaging can help ease any stress or panic among stakeholders, allowing them to maintain trust in the organization as it responds to the incident.
• Internal communication—An organization needs to keep its employees informed to ensure they handle different cyberattack scenarios appropriately and prevent them from acting on misinformation. A PR specialist can manage employee communication throughout cyber incidents, helping these individuals stay engaged and addressing any concerns they may have regarding attack details and response measures.
• Management of public perception and media relations—Along with keeping employees and other stakeholders informed amid cyber incidents, an organization may need to discuss these events with the public. In these instances, a PR specialist can help the organization handle any media inquiries and provide timely public statements. This may entail issuing regular press releases as the incident evolves and associated recovery initiatives take place, representing the organization during incident-related interviews across news platforms, and monitoring the company’s social media accounts to answer the public’s questions and correct any false information being shared. These efforts can make all the difference in helping the organization uphold a respected brand and minimize shifts in public perception due to the incident.
• Long-term reputation preservation—Even if an organization provides prompt and honest communication throughout a cyber incident, it will likely experience some degree of reputational damage from the event, potentially resulting in reduced stakeholder confidence, heightened public criticism and lowered employee morale. With this in mind, it’s critical for the organization to assess the aftermath of the incident with a PR specialist and implement necessary measures to restore long-term trust in its company image. This may involve communicating with stakeholders and releasing public statements regarding the organization’s commitment to cybersecurity and the steps being taken to prevent future incidents. Further, a PR specialist can work closely with the organization’s IT department to bolster employees’ cybersecurity awareness and develop more engaging educational initiatives (e.g., hands-on training and routine incident response drills). These measures can help all parties feel more assured that the organization is taking cybersecurity seriously and actively limiting its digital exposures.

Insurance and Cyber Incident Response

An organization’s cyber incident response team typically includes experts and professionals across multiple fields. It’s worth noting that, depending on an organization’s size and in-house resources, its response team may include either internal or external parties. In other words, larger organizations may have entirely in-house response teams, whereas small organizations with fewer resources may seek the assistance of third-party vendors. In any case, before hiring any vendors to help respond to cyber incidents, including PR specialists, organizations should consult their cyber insurers to determine whether any policy provisions include vendor-related stipulations or requirements; some insurers mandate policyholders to work with preselected vendors that offer negotiated rates, therefore limiting associated claim costs.

It’s particularly vital for organizations to consult their cyber insurers before hiring PR specialists, as insurers may be able to connect policyholders with vendors that offer specialized PR services (e.g., advanced crisis management solutions, custom content creation, reputation and company performance metrics, and in-depth thought leadership strategies) that they otherwise wouldn’t get. This means that, in addition to providing much-needed financial protection against losses stemming from cyberattacks, cyber insurance may also pave the way for organizations to receive simplified access to the best possible PR solutions, equipping them with the resources needed to maintain a trustworthy brand in even the most difficult situations.

Conclusion

How an organization responds to a cyber incident can make or break its financial and reputational stability. By working with a PR specialist and taking advantage of any services provided by its cyber insurer, an organization can identify and adopt successful communication strategies for a range of cyberattack scenarios, keeping necessary parties well-informed both during and after an incident and upholding an esteemed company image.

Contact us today for more risk management guidance and insurance solutions.

This Cyber Risks & Liabilities document is not intended to be exhaustive nor should any discussion or opinions be construed as legal advice. Readers should contact legal counsel or an insurance professional for appropriate advice. © 2024 Zywave, Inc. All rights reserved.