Fail To Prepare…..
It’s an old adage but it’s surprising how few organisations take Benjamin Franklin’s quote seriously enough to put his advice into practise. Of course it is tough for organisations like smaller businesses and charities which don’t feel they have the time or money to spend on training. Unfortunately though, when it comes to dealing with a crisis of any sort, it is the preparation for that possibility which will save both in the long run.
It is particularly true of the new European Union GDPR (General Data Protection Regulations) which are aimed at protecting our personal data. But even before GDPR how many companies have put in place some sort of training for their staff to deal with one of the biggest dangers of this online age – cyber crime? How many of you have a robust plan to manage this risk? I suspect the answer is very few.
Yet cyber crime can destroy an organisation. It’s not just the financial loss. Over time that can be recovered. It’s about reputation and that depends on how you handle the situation.
Firstly you need to make sure you genuinely have done everything possible to ensure your clients’ data is protected. Accreditations, certifications, training with reputable risk management companies will all help. These will set up the sort of system you need to prove you take GDPR seriously.
Secondly work with your comms/PR team to understand the type of cyber crime you are most likely to be exposed to and how you will deal with it in terms of communicating that to your clients. If your email system has been hacked, how will you reach your clients to tell them. What will that email say? Will it make matters worse or better?
Thirdly if you don’t have an internal comms/PR team then bring in an external specialist. However don’t wait until the crisis to do this. They can work with the board and senior management team to put a system in place so you are prepared to deal with whatever happens.
Finally do some training with media and crisis communications specialists. It will help you understand how the media will react should your cyber attack become public and what you can do about it. It will also give you a better idea of what is good communication should you have to let your clients’ know. Preparation is everything…