Most Companies Approach Crisis Management in ‘All the Wrong Ways’

Written by

More than two-thirds of US executives are worried that cyber-threats will impact their company’s growth, but it is probable that companies are preparing for the inevitable business and reputational hits of a cyber-attack in all the wrong ways.

“Traditional crisis management techniques may be time-honored, but often they are static, formulaic and constrained—simply not adequate for the dynamic, nuanced, multi-faceted and ubiquitous nature of cybercrimes today,” said reputation and crisis strategist Davia Temin, CEO of Temin and Co. “In reality, cyber-crisis management is a combination of crisis management, and emergency and terrorist response, which necessitates internal and external cooperation and communication of an unprecedented nature.

As such, it straddles the line between enterprise risk management, business continuity, emergency response, reputation management and corporate governance, she added—a fact that too few organizations embrace.

“I am going to ask you to throw away every rule of crisis management you have ever known, as we explore how cybercrime is rewriting the crisis management rule book,” she said, in the opening of her keynote address at the Unintended Consequences: Impacts of the Internet of Things (IoT) & Big Data conference.

The consequences of not approaching crisis management adequately—and holistically—can be, of course, significant. She pointed out that the “hard” cost of a corporate data breach averages around $3.8 million, but the actual cost to a company in lost revenues, lost shareholder value and lost brand value is much, much more.

“Rarely can crisis response and containment procedures be the same from one cyber-attack to another,” she said. “If crisis is the new normal, then cyber-attacks are the new constant. But public and private response, especially over social media, needs to not only set a new standard for corporate responsibility, but it needs to be savvy, smart and inventive. This new era is going to demand our best and most flexible thinking and response. And, unfortunately, we have not yet seen too many examples of that.” 

What’s hot on Infosecurity Magazine?