Marketing teams: this is how to prepare your organization for a cyber attack
You thought that cyber attacks were not your problem?
Early preparation of the marketing teams for a media crisis the day after the attack is critical to reducing image damage and may be the difference between failure and success
Gili Netzer
13/09/2022
Tuesday, September 13, 2022, 4:18 p.m. Updated: 4:36 p.m.
Share on Facebook
Share on WhatsApp
Share on Twitter
Share by email
Share in general
Comments
Comments
Ransom attacks.
What will you do the day after? (Photo: Pixabay.com)
It is better that you read this article now with ease, because at the moment of truth, when the ransom demand arrives, it may already be too late.
Since the outbreak of the Corona virus, we have experienced a dramatic increase in cyber attacks, as more and more companies realize that danger lurks around every corner and they may fall victim to cyber attacks.
Much has already been written about the effects of security breaches on companies: business damage, loss of trust, damage to brand and reputation, loss of revenue, fines, and sometimes also a wave of lawsuits, and that's before we even mentioned the direct cost of paying the ransom.
One of the less talked about issues is the price of recovery after the ransomware attack, which may cost much more than the ransomware itself.
One of my colleagues shared with me in the past that his clients in the US report a recovery cost of about 750 million dollars in cases where the ransom was not paid, and over a billion dollars in cases where it was paid.
The recovery from the attack, as well as dealing with it in real time, require the coordinated action of several departments in the organization, including the marketing departments.
A cyber attack has long been no longer the concern of information security personnel only.
Responding to an attack requires advance planning
Since a cyber attack is first and foremost a business risk, companies should prepare plans in advance to deal with such an event in the best possible way, with a definite goal of minimizing the damage.
And just as the marketing department knows how to deal with business opportunities and even dictates the pace sometimes, so in the case of risks.
Since significant cyber attacks will very quickly become public, either due to regulatory requirements or due to the pressure exerted by the hackers through leaks, it is really impossible to hide the hack from the public eye.
This is precisely where the role of the marketing department comes in, and if the company manages the event correctly in the public sphere, the negative public opinion and the impact on the brand will be short-lived.
The marketing department should participate, for example, in exercises that simulate attacks and hacks and are usually used to sharpen the technical capabilities of the security team.
In most cases, these exercises are only given to the organization's security personnel, and it's a shame.
Participation of the marketing men and women in simulations of attacks will help to identify in advance the public needs that will arise in real time.
Organizations under attack will need to provide quick answers in real time, prove to the public that they are conducting themselves transparently, and show that they are in control of the incident.
The existing and potential customers of those companies will punish them for procrastinating, hiding information, making vague statements, and above all for dealing with the situation in a non-transparent manner.
If marketing teams are required to do this task for the first time during a "true alarm", it will be doomed to fail miserably.
So what should marketing teams do at the moment of truth?
First, the company must determine a clear and qualified source that will
transmit information in real time
, thus minimizing the damage caused by rumors and publications originating from media speculation or leaks by the attackers.
This can be done through a dedicated page on the company's website, on a landing page, on social media, or with the help of a constantly updated blog.
To the reliable information that the company distributes, the marketing departments should treat it
like any marketing campaign
, in social media or other media, for all that is implied.
The marketing department should also monitor
the negative discourse that develops on the networks,
just like in any campaign, with the help of Google alerts, or any other technological tool that is used to optimize campaigns.
You should also consider an email campaign that will include
proactive contact
Not only to customers but to the entire database of the organization, including partners, investors and employees, to update them on what is happening.
The rationale of all these solutions is to push the information actively, and not only to those who come on their own to update the blog, understanding the importance of transparency and the accessibility of the information.
Another course of action that can be effective is contacting a loyal customer, who will record a
testimonial
specifically during difficult times and moments of emergency to support the company.
Such a video will give tremendous legitimacy to the company's handling of the crisis, and will significantly help the customer service teams, who are going to be flooded with inquiries in real time, and therefore play an important role in stopping the attack and reducing damages.
In an era of digital transformation and an accelerated transition to the cloud, when more and more companies are moving to hybrid models of remote work and do not plan to return to offices anytime soon, cyber dangers on the Internet multiply and become inevitable.
The decision whether to pay a ransom or not, how to manage and plan a cyber attack incident and how to recover from it is a business decision that involves many stakeholders and different departments in the organization.
The marketing people have a more significant part than you think in this preparation.
This decision should be demanded today, and not wait for the moment when we wake up in the morning to demand a ransom.
Gili Netzer
is the VP of Marketing at the cyber security company Perimeter 81
Want to comment?
Join the discussion in the group where the discourse of the marketing world takes place
To the full article
Marketing and digital
360
Tags
Data Security
Cyber attack
Crisis management
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/WQEEUVRP3BB57M7LND37U7VREE.png)
/cloudfront-eu-central-1.images.arcpublishing.com/prisa/KMEYMJKESBAZBE4MRBAM4TGHIQ.jpg)
