As data breaches continue to impact organizations at an increasing rate, the importance of effective cyber incident response is more important than ever. WaterISAC is sharing resources and tools to help utilities prepare for and implement this crucial aspect of organizational resilience.
Incident response involves having structured processes in place which are designed to identify and manage cybersecurity incidents. One very important aspect of incident response involves having effective communication procedures in place to help maintain trust between stakeholders and minimize the incident’s impact. HelpNetSecurity shares four key steps to building an incident response plan providing recommendations and best practices for communicating with stakeholders during and after an incident. The four steps include: creating the incident response plan itself, utilizing a vulnerability evaluation, continuous feedback and maintenance, and service continuity planning.
What are the best practices for communicating with stakeholders, including employees, customers, and partners, during and after an incident?
To begin, create a comprehensive crisis communications plan. This plan will outline roles and responsibilities of the communication team, provides key messages for different stakeholders, and outline the communication channels that should be used during the incident.
Next, it is important to tailor the different messages to each target audience’s specific needs. This allows an organization to provide clear instructions to employees about how to proceed with their daily work, as well as inform customers and partners about the nature of the incident. It will also keep sensitive information about the incident in the proper hands, minimizing chaos and making communications and procedures clear.
The plan should also include proper timing and sequencing for additional updates and describe when and how the organization will provide such updates. This will facilitate a proactive and transparent approach to help control and prevent the circulation of false information.
Finally, include a feedback mechanism for stakeholders to ask questions and express concerns. This important but often overlooked step will help improve future response procedures minimizing the impact of cybersecurity incidents.
Members are encouraged to review the above recommendations as well as the four steps and guidance for each to determine how your utility can best bolster its incident response. For more guidance, visit HelpNetSecurity.
Additional Resources:
