Communicating about cybercrime and remaining capable of taking action

From major government institutions such as the European Parliament and the International Criminal Court in The Hague, through to banks, local authority utilities and universities, right up to health insurance providers and hospitals: cyber-attacks and data breaches are currently on the rise again worldwide. Even products that are directly or indirectly connected to another device or network – such as Wi-Fi routers, alarm systems or even baby monitors and robot vacuum cleaners – provide entry points for hackers and can be exploited by them at any time. Decisive and swift action is required. In light of recent events, we have compiled some initial tips on how to deal with cyberattacks under the heading ‘Helping people help themselves’. How should the situation be communicated? What are the essential first steps?

Every day, attackers hack into the IT systems of government departments, public bodies and businesses. They bring operations to a standstill, steal data, install malware or demand ransoms. In our increasingly digitalised world, this is where we are most vulnerable.

 

What should you do when everything comes to a standstill?

Drawing on our day-to-day experience, we have summarised the 10 most important tips for containing digital crises in an emergency. Communication here complements the IT department’s emergency measures.

 

Communication in an emergency or crisis:

  1. Contact your relevant regional data protection authority immediately by telephone and report the incident (file a report!).
  2. You should also contact the relevant Central Contact Point for Cybercrime (ZAC) at the police for commercial enterprises and the Federal Office for Information Security. Here you will receive rapid assistance in the form of checklists and telephone support from members of the cyber security network and a team of specialists who can be deployed on site.
  3. Consult the guidelines issued by the three authorities and assess whether the recommended actions contained therein are feasible and applicable to your organisation.
  4. Appoint an internal project team that will meet regularly with immediate effect and allocate the necessary tasks. Appoint a project manager for your team and give the project a name. Important: avoid using the term ‘crisis team’ (keep calm!)
  5. Exchange mobile phone numbers and agree on a suitable communication channel (WhatsApp group, Teams group, external email programmes, etc.). In particular, check whether your channel is working properly and is secure in light of your interests.
  6. Assess the situation: What exactly has happened? Get an overview of what you know – and what you do not (yet) know. Try, as far as possible, to constantly update and validate your knowledge.
  7. Establish control over information: Draw up a set of guidelines with key messages based on your verified findings. This will serve as the basis for internal communication, press releases, customer communications and as a fact sheet for any TV or media enquiries.
  8. Please note: ‘Internal BEFORE external’! First communicate the current situation to your staff. As a general rule: only pass on verified information and instructions. 
  9. Information cascade: After informing your staff, you should inform customers and business partners. Then inform other stakeholders such as service providers, banks, public authorities, the media, etc.
  10. Channels and tone should remain the same as in ‘normal mode’.
    Dealing with the media: Respond positively to media enquiries. Here, too, there is a need for information and clarification. Handle this confidently and appropriately.

This crisiscommunication ‘first-aid kit’ helps you to organise your thoughts, get your bearings and set initial priorities in an emergency. Our advice on how to proceed: Consulting experts makes it easier to assess the situation objectively!

Further information is available directly by email and via the mobile numbers of our crisis response team.

 

Your contact person

Portrait Andreas Schauerte

“Cyberattacks bring businesses to a standstill, put data at risk and cause anxiety amongst those affected. From our day-to-day experience, we know that, in addition to technical emergency measures, clear communication structures are needed to effectively contain incidents.”


Andreas Schauerte

+49-911-530 63-117
asc@kaltwasser.de
https://www.linkedin.com/in/andreas-schauerte-kk