If a cyber incident affects your business, the way you communicate with your staff, stakeholders, customers and perhaps the media, can make a huge difference in the way your business is perceived.

In an incident, attention tends to focus on the technical aspects of putting things right and communication may be left as a secondary concern. With this in mind, the National Cyber Security Centre has published some guidance on how to manage your communication strategy.

Core principles

The guidance outlines three core principles to follow:

  1. Prepare your communications strategy in advance.
  2. Communicate clearly with different parties, and tailor your messaging where necessary.
  3. Manage the aftermath in the medium and long term.

The guidance breaks down these core principles and provides ideas for procedures you could put in place in your business.

To review the guidance, see: https://www.ncsc.gov.uk/guidance/effective-communications-in-a-cyber-incident