Preparation for cyber threats: the role of communications

Many of us who were around in the 1980s will remember Jeff Bridges talking about ‘The Grid’ in Tron – at the time a fun imagining of computer programming. Then ‘The Grid’ gave way to ‘The Web’ as Tim Berners-Lee ushered in the age of the internet. Now, of course, being online is just an accepted and expected part of life in modern and developed countries.

Yet the luster of ‘The Web’ has long since begun to pall with the realisation that what used to be known as the information superhighway is in reality more like the Wild West in its apparent lawlessness.

The reason is the advent and developing sophistication of cyber-attacks. And yet remarkably, according to a new report by Hiscox, British businesses continue to lag behind their peers when it comes to responding to a cyber-attack that, as Hiscox also notes, put businesses at risk of future and very costly incursions.

Hiscox has assessed and questioned businesses on their practical and technological preparations for a cyber-attack. But, as any communications professional will tell you, that doesn’t include the invaluable yet remarkably intangible commodity that is reputation. But, suffice to say, if a business hasn’t got its disaster recovery plans set up, they probably don’t have much in place to manage their internal and external communications.

A tarnished reputation and loss of customer confidence inevitably has significant implications for financial value. So, businesses would do well to think beyond the immediate and practical technological preparations for cyber-attacks that are becoming ever more prevalent, and also think about what their communications plans look like.

That of course means having a plan in place to tell you customers or constituents exactly what’s happened, how they can protect themselves, and what you’re doing about it at the earliest opportunity. But businesses will be missing a trick if they’re not getting proactive in their preparations and engaging every relevant stakeholder they can identify.

Guaranteed if you’re a bank, for example, and you have a data breach that becomes public, at least one MP is going to be figuratively banging on your door seeking answers on behalf of their constituents. And that logic applies to SMEs and local businesses every bit as much as multinationals.

So, if you’ve seen Hiscox findings , it’s definitely worth taking pause for thought as to whether your business is ready should a hacker come calling. But it’s also worth thinking about what else you can do. Can you proactively communicate with your local MP, or the Chair of the relevant Select Committee and tell them what you’re doing in preparation? Could you involve yourself in discussions over cyber-security that have and will continue to be in the media?

Taking those steps doesn’t make a business any less vulnerable to cyber-attack. But it will help reputation in the long-term by demonstrating that everything that could be done has been. And ultimately, while a cyber-attack is costly, it’s the loss of reputation that’s ultimately a business killer.