SlideShare a Scribd company logo

HPE-FireEye_Infographic_CrisisCommunication_Final

K
Kristi Houssiere
1 of 1
Download to read offline
Seek External Expertise Most organizations lack the in-house resources needed to create a top-notch crisis-communication blueprint. If you're among them, look for a security partner who can help you craft a plan that works. • Follow the plan. • Speak with one voice, sharing the same message. • Reassure stakeholders that the organization is addressing the issue and doing everything possible to protect information. • Answer questions honestly. Be transparent about what you don’t know. • Communicate continuously with all stakeholders—but share investigation-related details on a need-to-know basis. Crisis Communication After a Cyberattack Produced by MIT Technology Review Custom in Partnership with Hewlett Packard Enterprise Security Services and FireEye Inc. 44%of business and IT leaders don’t have cybersecurity crisis- communication plans. 15%don’t know whether they have such plans at all. Source: Cybersecurity Challenges, Risks, Trends, and Impacts Surveys, MIT Technology Review Custom in partnership with Hewlett Packard Enterprise Security Services and FireEye Inc., 2016 Does your organization have a clear plan for communicating with stakeholders in a cybercrisis? If not, you’re far from alone. • Create a cross-functional communication team. Involve key players from across the organization. • Establish a clear leadership structure (“who will be in charge?”) with a well-defined communication tree. • Develop blueprints for responding to a variety of cyberattack scenarios. • Prepare to respond at the speed of Twitter. Have dedicated communication platforms ready to go. Build two-way channels so stakeholders can ask questions. • Practice, practice, practice. Rehearse frequently to make sure the plan works. • View the plan as a perpetual work in progress. Update it regularly to reflect emerging new threats. Where to Start Cyberattacks differ from other crises, such as fires, power failures, and floods. Coming to light only weeks or months after the initial breach... ...attacks may catch organizations by surprise because they’re often first reported by external sources. In fact: In 53% of cases from 2015, organizations first learned of breaches from external sources, such as: • Customers • Partners • Law-enforcement officials • Media • Or even the attackers themselves No matter how they first hear about a breach, organizations must keep stakeholders informed throughout the crisis. PANIC Source: Cybersecurity Challenges, Risks, Trends, and Impacts Surveys, MIT Technology Review Custom in partnership with Hewlett Packard Enterprise Security Services and FireEye Inc., 2016 Finally: Don’t struggle alone. UPDATE! 24/7 SUPPORT WE’RE ON IT! What to Do When in a real cybercrisis: 2 34 5 6 ALERT! LEGAL HR IT BREAKING NEWS! BREAKING NEWS! For more information on cybersecurity and digital transformation please visit hpe-enterpriseforward.com/fightback © Copyright 2016 MIT Technology Review Custom. All Rights Reserved.

Recommended

SVAMA Speech "Understanding And Capitalizing On The Groundswell"
SVAMA Speech "Understanding And Capitalizing On The Groundswell"SVAMA Speech "Understanding And Capitalizing On The Groundswell"
SVAMA Speech "Understanding And Capitalizing On The Groundswell"Charlene Li
 
What You Want from a Web App
What You Want from a Web AppWhat You Want from a Web App
What You Want from a Web AppMichael M Grant
 
Authos@Google Presentation, October 15, 2008
Authos@Google Presentation, October 15, 2008Authos@Google Presentation, October 15, 2008
Authos@Google Presentation, October 15, 2008Charlene Li
 
CTO-Cybersecurity Forum-Angela McKay
CTO-Cybersecurity Forum-Angela McKayCTO-Cybersecurity Forum-Angela McKay
CTO-Cybersecurity Forum-Angela McKaysegughana
 
Better Protect Your Credit Union and Recover from Cybersecurity Breaches in A...
Better Protect Your Credit Union and Recover from Cybersecurity Breaches in A...Better Protect Your Credit Union and Recover from Cybersecurity Breaches in A...
Better Protect Your Credit Union and Recover from Cybersecurity Breaches in A...TraceSecurity
 
Digital Crisis Communications: Case Studies and Tips - July 2015
Digital Crisis Communications: Case Studies and Tips - July 2015Digital Crisis Communications: Case Studies and Tips - July 2015
Digital Crisis Communications: Case Studies and Tips - July 2015Scott Monty
 
The first 30 minutes after a crisis
The first 30 minutes after a crisisThe first 30 minutes after a crisis
The first 30 minutes after a crisisThomas Ciesielka
 
Global CCISO Forum 2018 | John Felker "Partnerships to Address Threats"
Global CCISO Forum 2018 | John Felker "Partnerships to Address Threats" Global CCISO Forum 2018 | John Felker "Partnerships to Address Threats"
Global CCISO Forum 2018 | John Felker "Partnerships to Address Threats"EC-Council
 

Recommended

SVAMA Speech "Understanding And Capitalizing On The Groundswell"
SVAMA Speech "Understanding And Capitalizing On The Groundswell"SVAMA Speech "Understanding And Capitalizing On The Groundswell"
SVAMA Speech "Understanding And Capitalizing On The Groundswell"Charlene Li
 
What You Want from a Web App
What You Want from a Web AppWhat You Want from a Web App
What You Want from a Web AppMichael M Grant
 
Authos@Google Presentation, October 15, 2008
Authos@Google Presentation, October 15, 2008Authos@Google Presentation, October 15, 2008
Authos@Google Presentation, October 15, 2008Charlene Li
 
CTO-Cybersecurity Forum-Angela McKay
CTO-Cybersecurity Forum-Angela McKayCTO-Cybersecurity Forum-Angela McKay
CTO-Cybersecurity Forum-Angela McKaysegughana
 
Better Protect Your Credit Union and Recover from Cybersecurity Breaches in A...
Better Protect Your Credit Union and Recover from Cybersecurity Breaches in A...Better Protect Your Credit Union and Recover from Cybersecurity Breaches in A...
Better Protect Your Credit Union and Recover from Cybersecurity Breaches in A...TraceSecurity
 
Digital Crisis Communications: Case Studies and Tips - July 2015
Digital Crisis Communications: Case Studies and Tips - July 2015Digital Crisis Communications: Case Studies and Tips - July 2015
Digital Crisis Communications: Case Studies and Tips - July 2015Scott Monty
 
The first 30 minutes after a crisis
The first 30 minutes after a crisisThe first 30 minutes after a crisis
The first 30 minutes after a crisisThomas Ciesielka
 
Global CCISO Forum 2018 | John Felker "Partnerships to Address Threats"
Global CCISO Forum 2018 | John Felker "Partnerships to Address Threats" Global CCISO Forum 2018 | John Felker "Partnerships to Address Threats"
Global CCISO Forum 2018 | John Felker "Partnerships to Address Threats"EC-Council
 
A Blueprint For Mitigation - Final
A Blueprint For Mitigation - FinalA Blueprint For Mitigation - Final
A Blueprint For Mitigation - FinalJonathan Bruno
 
Blueprint
BlueprintBlueprint
BlueprintRodrigo Suarez
 
Ventajas y desventajas de sgbds
Ventajas y desventajas de sgbdsVentajas y desventajas de sgbds
Ventajas y desventajas de sgbdsjsucarmona
 
Fire Protection & Safety
Fire Protection & SafetyFire Protection & Safety
Fire Protection & SafetyJoseph Calderone
 
Into the Fire: Crisis Communications Starts with Preparedness
Into the Fire: Crisis Communications Starts with PreparednessInto the Fire: Crisis Communications Starts with Preparedness
Into the Fire: Crisis Communications Starts with PreparednessChristopher Tarantino, MEP CMCP CHEC-III
 
Sgbd comerciales vs libres
Sgbd comerciales vs libresSgbd comerciales vs libres
Sgbd comerciales vs libresMadai Angeles
 
What is business continuity planning-bcp
What is business continuity planning-bcpWhat is business continuity planning-bcp
What is business continuity planning-bcpAdv Prashant Mali
 
Ogilvy On: Social Media for Crisis Management
Ogilvy On: Social Media for Crisis ManagementOgilvy On: Social Media for Crisis Management
Ogilvy On: Social Media for Crisis ManagementOgilvy Consulting
 
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyBest_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyStephanie McVitty
 
KnowBe4-Presentation-Overview.pdf
KnowBe4-Presentation-Overview.pdfKnowBe4-Presentation-Overview.pdf
KnowBe4-Presentation-Overview.pdfahmad661583
 
How to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceHow to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceSurfWatch Labs
 
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorBanning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorSandra (Sandy) Dunn
 
disinformation risk management: leveraging cyber security best practices to s...
disinformation risk management: leveraging cyber security best practices to s...disinformation risk management: leveraging cyber security best practices to s...
disinformation risk management: leveraging cyber security best practices to s...Sara-Jayne Terp
 
7 Bug Bounty Myths, BUSTED
7 Bug Bounty Myths, BUSTED7 Bug Bounty Myths, BUSTED
7 Bug Bounty Myths, BUSTEDbugcrowd
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Hewlett Packard Enterprise Business Value Exchange
 
13734729.ppt
13734729.ppt13734729.ppt
13734729.pptAmitPandey388410
 
SafeNight | Developing a Mobile App from Idea to Launch
SafeNight | Developing a Mobile App from Idea to LaunchSafeNight | Developing a Mobile App from Idea to Launch
SafeNight | Developing a Mobile App from Idea to LaunchCaravan Studios, a division of TechSoup
 
Issue Tracking: How News 'Moves' Through the Media
Issue Tracking: How News 'Moves' Through the MediaIssue Tracking: How News 'Moves' Through the Media
Issue Tracking: How News 'Moves' Through the Mediaevolve24
 
Social Media: Infiltrating The Enterprise
Social Media: Infiltrating The EnterpriseSocial Media: Infiltrating The Enterprise
Social Media: Infiltrating The EnterpriseJay McLaughlin
 
Online Community Best Practices
Online Community Best PracticesOnline Community Best Practices
Online Community Best Practicesasevillia
 
Improve Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseImprove Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseGeorge Goodall
 
Effective Training and Policy Takes the Fear out of Social Networking - Shawn...
Effective Training and Policy Takes the Fear out of Social Networking - Shawn...Effective Training and Policy Takes the Fear out of Social Networking - Shawn...
Effective Training and Policy Takes the Fear out of Social Networking - Shawn...sdavis532
 

More Related Content

Viewers also liked

A Blueprint For Mitigation - Final
A Blueprint For Mitigation - FinalA Blueprint For Mitigation - Final
A Blueprint For Mitigation - FinalJonathan Bruno
 
Ventajas y desventajas de sgbds
Ventajas y desventajas de sgbdsVentajas y desventajas de sgbds
Ventajas y desventajas de sgbdsjsucarmona
 
Sgbd comerciales vs libres
Sgbd comerciales vs libresSgbd comerciales vs libres
Sgbd comerciales vs libresMadai Angeles
 
What is business continuity planning-bcp
What is business continuity planning-bcpWhat is business continuity planning-bcp
What is business continuity planning-bcpAdv Prashant Mali
 
Ogilvy On: Social Media for Crisis Management
Ogilvy On: Social Media for Crisis ManagementOgilvy On: Social Media for Crisis Management
Ogilvy On: Social Media for Crisis ManagementOgilvy Consulting
 

Viewers also liked (8)

A Blueprint For Mitigation - Final
A Blueprint For Mitigation - FinalA Blueprint For Mitigation - Final
A Blueprint For Mitigation - Final
 
Blueprint
BlueprintBlueprint
Blueprint
 
Ventajas y desventajas de sgbds
Ventajas y desventajas de sgbdsVentajas y desventajas de sgbds
Ventajas y desventajas de sgbds
 
Fire Protection & Safety
Fire Protection & SafetyFire Protection & Safety
Fire Protection & Safety
 
Into the Fire: Crisis Communications Starts with Preparedness
Into the Fire: Crisis Communications Starts with PreparednessInto the Fire: Crisis Communications Starts with Preparedness
Into the Fire: Crisis Communications Starts with Preparedness
 
Sgbd comerciales vs libres
Sgbd comerciales vs libresSgbd comerciales vs libres
Sgbd comerciales vs libres
 
What is business continuity planning-bcp
What is business continuity planning-bcpWhat is business continuity planning-bcp
What is business continuity planning-bcp
 
Ogilvy On: Social Media for Crisis Management
Ogilvy On: Social Media for Crisis ManagementOgilvy On: Social Media for Crisis Management
Ogilvy On: Social Media for Crisis Management
 

Similar to HPE-FireEye_Infographic_CrisisCommunication_Final

Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyBest_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyStephanie McVitty
 
KnowBe4-Presentation-Overview.pdf
KnowBe4-Presentation-Overview.pdfKnowBe4-Presentation-Overview.pdf
KnowBe4-Presentation-Overview.pdfahmad661583
 
How to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceHow to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceSurfWatch Labs
 
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorBanning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorSandra (Sandy) Dunn
 
disinformation risk management: leveraging cyber security best practices to s...
disinformation risk management: leveraging cyber security best practices to s...disinformation risk management: leveraging cyber security best practices to s...
disinformation risk management: leveraging cyber security best practices to s...Sara-Jayne Terp
 
7 Bug Bounty Myths, BUSTED
7 Bug Bounty Myths, BUSTED7 Bug Bounty Myths, BUSTED
7 Bug Bounty Myths, BUSTEDbugcrowd
 
Issue Tracking: How News 'Moves' Through the Media
Issue Tracking: How News 'Moves' Through the MediaIssue Tracking: How News 'Moves' Through the Media
Issue Tracking: How News 'Moves' Through the Mediaevolve24
 
Social Media: Infiltrating The Enterprise
Social Media: Infiltrating The EnterpriseSocial Media: Infiltrating The Enterprise
Social Media: Infiltrating The EnterpriseJay McLaughlin
 
Online Community Best Practices
Online Community Best PracticesOnline Community Best Practices
Online Community Best Practicesasevillia
 
Improve Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseImprove Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseGeorge Goodall
 
Effective Training and Policy Takes the Fear out of Social Networking - Shawn...
Effective Training and Policy Takes the Fear out of Social Networking - Shawn...Effective Training and Policy Takes the Fear out of Social Networking - Shawn...
Effective Training and Policy Takes the Fear out of Social Networking - Shawn...sdavis532
 
2013 Incident Response Survey
2013 Incident Response Survey2013 Incident Response Survey
2013 Incident Response SurveyFireEye, Inc.
 
InfoSec's Guide to Social Media [WHITEPAPER]
InfoSec's Guide to Social Media [WHITEPAPER]InfoSec's Guide to Social Media [WHITEPAPER]
InfoSec's Guide to Social Media [WHITEPAPER]Josh Stein
 
Social Bridge to the IT Committee
Social Bridge to the IT CommitteeSocial Bridge to the IT Committee
Social Bridge to the IT CommitteeLinkedIn India
 
ISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaPuneet Kukreja
 
Friends for Youth's Social Media Tip Sheet for MANY
Friends for Youth's Social Media Tip Sheet for MANYFriends for Youth's Social Media Tip Sheet for MANY
Friends for Youth's Social Media Tip Sheet for MANYFriends for Youth, Inc.
 

Similar to HPE-FireEye_Infographic_CrisisCommunication_Final (20)

Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copyBest_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy
 
KnowBe4-Presentation-Overview.pdf
KnowBe4-Presentation-Overview.pdfKnowBe4-Presentation-Overview.pdf
KnowBe4-Presentation-Overview.pdf
 
How to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital PresenceHow to Mitigate Risk From Your Expanding Digital Presence
How to Mitigate Risk From Your Expanding Digital Presence
 
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating WarriorBanning Whining, Avoiding Cyber Wolves, and Creating Warrior
Banning Whining, Avoiding Cyber Wolves, and Creating Warrior
 
disinformation risk management: leveraging cyber security best practices to s...
disinformation risk management: leveraging cyber security best practices to s...disinformation risk management: leveraging cyber security best practices to s...
disinformation risk management: leveraging cyber security best practices to s...
 
7 Bug Bounty Myths, BUSTED
7 Bug Bounty Myths, BUSTED7 Bug Bounty Myths, BUSTED
7 Bug Bounty Myths, BUSTED
 
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
Breaches Are Bad for Business. How Will You Detect and Respond to Your Next C...
 
13734729.ppt
13734729.ppt13734729.ppt
13734729.ppt
 
SafeNight | Developing a Mobile App from Idea to Launch
SafeNight | Developing a Mobile App from Idea to LaunchSafeNight | Developing a Mobile App from Idea to Launch
SafeNight | Developing a Mobile App from Idea to Launch
 
Issue Tracking: How News 'Moves' Through the Media
Issue Tracking: How News 'Moves' Through the MediaIssue Tracking: How News 'Moves' Through the Media
Issue Tracking: How News 'Moves' Through the Media
 
Social Media: Infiltrating The Enterprise
Social Media: Infiltrating The EnterpriseSocial Media: Infiltrating The Enterprise
Social Media: Infiltrating The Enterprise
 
Online Community Best Practices
Online Community Best PracticesOnline Community Best Practices
Online Community Best Practices
 
Improve Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small EnterpriseImprove Information Security Practices in the Small Enterprise
Improve Information Security Practices in the Small Enterprise
 
Effective Training and Policy Takes the Fear out of Social Networking - Shawn...
Effective Training and Policy Takes the Fear out of Social Networking - Shawn...Effective Training and Policy Takes the Fear out of Social Networking - Shawn...
Effective Training and Policy Takes the Fear out of Social Networking - Shawn...
 
2013 Incident Response Survey
2013 Incident Response Survey2013 Incident Response Survey
2013 Incident Response Survey
 
InfoSec's Guide to Social Media [WHITEPAPER]
InfoSec's Guide to Social Media [WHITEPAPER]InfoSec's Guide to Social Media [WHITEPAPER]
InfoSec's Guide to Social Media [WHITEPAPER]
 
Social Bridge to the IT Committee
Social Bridge to the IT CommitteeSocial Bridge to the IT Committee
Social Bridge to the IT Committee
 
Collaborative Defence
Collaborative DefenceCollaborative Defence
Collaborative Defence
 
ISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_KukrejaISF Congress 2016 - Session 7.2_Kukreja
ISF Congress 2016 - Session 7.2_Kukreja
 
Friends for Youth's Social Media Tip Sheet for MANY
Friends for Youth's Social Media Tip Sheet for MANYFriends for Youth's Social Media Tip Sheet for MANY
Friends for Youth's Social Media Tip Sheet for MANY
 

HPE-FireEye_Infographic_CrisisCommunication_Final

  • 1. Seek External Expertise Most organizations lack the in-house resources needed to create a top-notch crisis-communication blueprint. If you're among them, look for a security partner who can help you craft a plan that works. • Follow the plan. • Speak with one voice, sharing the same message. • Reassure stakeholders that the organization is addressing the issue and doing everything possible to protect information. • Answer questions honestly. Be transparent about what you don’t know. • Communicate continuously with all stakeholders—but share investigation-related details on a need-to-know basis. Crisis Communication After a Cyberattack Produced by MIT Technology Review Custom in Partnership with Hewlett Packard Enterprise Security Services and FireEye Inc. 44%of business and IT leaders don’t have cybersecurity crisis- communication plans. 15%don’t know whether they have such plans at all. Source: Cybersecurity Challenges, Risks, Trends, and Impacts Surveys, MIT Technology Review Custom in partnership with Hewlett Packard Enterprise Security Services and FireEye Inc., 2016 Does your organization have a clear plan for communicating with stakeholders in a cybercrisis? If not, you’re far from alone. • Create a cross-functional communication team. Involve key players from across the organization. • Establish a clear leadership structure (“who will be in charge?”) with a well-defined communication tree. • Develop blueprints for responding to a variety of cyberattack scenarios. • Prepare to respond at the speed of Twitter. Have dedicated communication platforms ready to go. Build two-way channels so stakeholders can ask questions. • Practice, practice, practice. Rehearse frequently to make sure the plan works. • View the plan as a perpetual work in progress. Update it regularly to reflect emerging new threats. Where to Start Cyberattacks differ from other crises, such as fires, power failures, and floods. Coming to light only weeks or months after the initial breach... ...attacks may catch organizations by surprise because they’re often first reported by external sources. In fact: In 53% of cases from 2015, organizations first learned of breaches from external sources, such as: • Customers • Partners • Law-enforcement officials • Media • Or even the attackers themselves No matter how they first hear about a breach, organizations must keep stakeholders informed throughout the crisis. PANIC Source: Cybersecurity Challenges, Risks, Trends, and Impacts Surveys, MIT Technology Review Custom in partnership with Hewlett Packard Enterprise Security Services and FireEye Inc., 2016 Finally: Don’t struggle alone. UPDATE! 24/7 SUPPORT WE’RE ON IT! What to Do When in a real cybercrisis: 2 34 5 6 ALERT! LEGAL HR IT BREAKING NEWS! BREAKING NEWS! For more information on cybersecurity and digital transformation please visit hpe-enterpriseforward.com/fightback © Copyright 2016 MIT Technology Review Custom. All Rights Reserved.