The Role of Communications in Cybersecurity
Communicators are accustomed to being at the forefront of organizational change and reputation risk situations. Call it their comfort zone.
Communicators help organizations understand how media is evolving, have a strong grasp of the workings of human behavior and know whom to partner with to make a difference.
For these reasons, the public and private sectors are embracing communicator led cybersecurity models that harmonize the entire C-Suite without burdening IT professionals.
The present is a ‘lukewarm war’ era, since a cold war or hot war do not define the need to protect citizens, communities, corporations and countries. Today’s enemy is a combination of three main types of cyberattacks–ransomware, nation-state-sponsored attacks and disinformation campaigns.
Threatening to expose the information of customers, ransomware is top of mind due to a steady increase in attacks and an uptick in the amount of ransom requested, and often received. Attacks strike at inconvenient times. Perpetrators prioritize targets by forecasted M&As.
Viewing the threat of ransomware through numbers illustrates its gravity. It takes an average of 280 days to identify and contain a breach. The average total cost of a M. Fifty-two percent of all breaches are deemed malicious. Over half of organizations compromised in the past three years had some form of automated security system in place. This suggests that it is not enough. IT must purposefully build, review and test a cybersecurity plan.
So, how can communicators contribute today?
Communicators can partner with experts (this column is one such collaboration) to clearly explain this complex topic to the C-suite and employees. The issue of inadequate or improperly configured automated security software is a great place to begin a meaningful conversation about cybersecurity. Ask what threats they aim to thwart and how equilibrium can be reached so work can be done with all onboard. Share government guidance on cyber-defense strategies and convey the benefits of data-protection initiatives. An effective cybersecurity model involves communicators synchronizing needed steps and actions.
Outlined below are five steps communicators can take towards supporting IT efforts to bolster organizational resilience against today’s cybersecurity threats.
IT – Determine critical processes, systems and their vulnerabilities. Identify suspicious activity.
Communications – Deploy an intelligence-listening platform to understand threats aimed at the company and sector. These range from monitoring the dark web to social media sites worldwide.
IT – Determine relevant defenses, back-up critical data and implement processes to guard against future attacks.
Communications – Hold a team readiness workshop. Discuss scenarios and engage in company-wide exercises geared at proactive cybersecurity measures and threat assessment rehearsal that directly addresses a plausible vulnerability.
IT – Monitor activity for real-time attack. Stress test currently deployed automated security technology.
Communications – Partner with IT to understand how the threat mix is changing. Update the intelligence-listening platform accordingly.
IT – In the event of an attack, be prepared to switch to another means of operation and implement incident response.
Communications – Monitor the situation and provide clear and accurate updates to all relevant parties.
IT – Perform a root-cause analysis of previous attacks.
Communications – Know the history of attacks against the organization and its competitors or partners. Learn about cyber criminals’ modus operandi to resolve any vulnerabilities and prevent another issue.
Demonstrate the ROI of prioritizing cybersecurity
The value of strong cybersecurity may not be clear to companies that have yet to face the devastation of a crippling cyber event. The ROI is difficult to measure. Who can prove an attack would have happened, but didn’t? Still, it sure looks worthwhile in the face of what is possible. When presented with doubts, communicators can remind CFOs that the average total cost of a single breach is $8.6M.
The opportunity is clear—embrace IT colleagues and collectively orchestrate a formidable force resolute in safeguarding organizational assets, employees and customers.
Michael Harley, Managing Director, Cybersecurity at Next Security Group
A linguist for the National Security Agency (NSA) and United States Special Operations Command (USSOCOM), Michael has actively worked within the cybersecurity landscape for two decades.
Cortney Stapleton, Managing Partner at The Bliss Group
A lead partner for issues/crisis work across professional and financial services, the business of health and technology.
This article originally appeared in PR NEWS.