Infosecurity Europe
8-10 June 2027
Excel London

Responding to a cyber-attack, why crisis communication matters

Organisations are aware that when it comes to the prospect of facing a cyber-attack, for many, it’s a matter of if, not when.

That is why responsible businesses will set out contingency plans which provide instructions and plans for how the organisation should operate if the worst happens and they find themselves faced with a data breach, disruptive DDoS campaign or ransomware attack.

With the right response strategies and technical plans in place, an organisation hit by a major cyber incident can come out the other side relatively intact.

Why cyber crisis communication strategies are vital 

However, there is one area which organisations may not make plans for but is essential to the business during a live cyber event: crisis communications.

A cybersecurity incident is stressful for all involved. In information security, much of the focus is based on what dealing with an incident requires from incident response teams. 

This can require staff to work around the clock, sleep in the office and focus on doing everything required to restore services as quickly as possible.

But sometimes organisations focus entirely on this to the detriment of other key pillars of incident response like providing clear crisis communications about what is happening.

When a cyber-attack happens, stakeholders want answers fast. The board, employees, customers and even the media will want to know about what has happened.

It may be tempting for an organisation under fire to attempt to shut out all ‘outside’ distractions and keep their cards close to their chest. However, this can easily backfire.

During an incident, employees and customers could get anxious, eroding trust in the organisation, while a lack of response to the media could lead to speculation that the company doesn’t have the situation under control.

For all these stakeholders, hearing nothing but silence will be met with a negative response.

It is therefore vital that the affected organisation can communicate the status of the cyber incident at any moment it is required.

At Infosecurity Europe 2026, Ashish Shrestha, CEO of Zyn Global and former group CISO of Jaguar Land Rover (JLR) and Nicola Hudson, global cyber practice co-lead at Brunswick and former director of policy and communication at the National Cyber Security Centre (NCSC) discussed how to get communications right during a cybersecurity crisis.

“In the war room, you have immense pressure building. The information coming to you is not just changing in minutes, sometimes it’s contextless and in fragments. That is the leadership moment: how do you take those fragments of data and start correlating the next steps,” said Shrestha.

During Infosecurity Europe Hudson outlined three pillars that can help set the tone for the rest of the crisis:

  • Pillar One: Understand what type of crisis you are dealing with
  • Pillar Two: Who is going to be in the room to work on the response
  • Pillar Three: Everyone must understand their responsibility and trust one another

“What survives is your process. Who is doing what? How are you going to do it?,” said Hudson. “It’s a live crisis communications playbook and you are tweaking it as you go along.”



Cyber-attacks don’t follow a script 

Even with the best possible playbook in place, it is important to remember that cyber-attacks don’t follow a script: the situation is constantly in flux, new information can emerge, as can new problems. However, by sticking to some pre-defined pillars, it’s possible to ride the situation out.

A cyber-attack can have a significant impact on an organisation, but with a good communications strategy, it’s even possible to grow your reputation, even after being affected by a major incident.

Maersk and the British Library are among organisations which provided regular public-facing information and updates on the incidents they faced, receiving praise for their transparency.

On the other hand, there are organisations which have remained completely silent about being hit by a cyber-attack. This lack of transparency is something which might make it difficult for clients and customers to regain trust in the organisation and may even result in a loss of business going forward.

If nothing else, it’s this which organisations should keep in mind around why having a crisis communications plan in the event of a cyber-attack is vital. A good communications plan can help reassure your stakeholders, perhaps even improve their opinion of you.

But a bad or non-existent communications plan could result in permanent damage to the business – and long after the damage of the cyber-attack has passed.

Conclusion

Effective crisis communications should be treated as a core pillar of cyber incident response rather than an afterthought. Organisations must balance the technical urgency of containment and recovery with the equally critical need to communicate clearly, consistently and transparently with all stakeholders.

Ultimately, cyber-attacks are unpredictable, but a well-prepared communications strategy which is built on clarity, coordination and trust can significantly influence how an organisation is perceived in the aftermath.


ADVERTISEMENT


Enjoyed this article? Make sure to share it!



Looking for something else?


Tags


ADVERTISEMENT


ADVERTISEMENT