Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
1 like978 views
The document outlines a webinar on crisis management during data breaches, highlighting the roles of Co3 Systems and Inform in incident response and communication strategies. It emphasizes the prevalence of data breaches in businesses, the critical need for effective communication during crises, and outlines key steps for managing a breach. The presentation also includes statistics on breaches, a case study, and takeaways for organizations to improve their preparedness.
Data Breach Crisis Control – How to Communicate When You’re in the Hot Seat
- 1. WEBINAR
- 2. WEBINAR
- 3. Slide 3 Agenda • Introductions • Who Are We • 2014: Year of the Breach • Going Viral • Facing the Crisis • Questions
- 4. Slide 4 Introductions • Ted Julian, CMO, Co3 Systems • Melanie Dougherty Thomas, Managing Director, Inform
- 5. Slide 5 About Co3 – Incident Response Management MITIGATE Document Results & Improve Performance • Generate reports for management, auditors, and authorities • Conduct post-mortem • Update SOPs • Track evidence • Evaluate historical performance • Educate the organization ASSESS Identify and Evaluate Incidents • Assign appropriate team members • Evaluate precursors and indicators • Correlate threat intelligence • Track incidents, maintain logbook • Prioritize activities based on criticality • Generate assessment summaries PREPARE Improve Organizational Readiness • Appoint team members • Fine-tune response SOPs • Escalate from existing systems • Run simulations (firedrills / table tops) MANAGE Contain, Eradicate, and Recover • Generate real-time IR plan • Coordinate team response • Choose appropriate containment strategy • Isolate and remediate cause • Instruct evidence gathering and handling • Log evidence
- 6. Slide 6 About Inform • INFORM is a leader in Integrated Communications (IC). • Inform provides high-level strategy and execution incorporating public relations, marketing, innovative digital and graphic design, video production, ad placement, social and new media deployment, and crisis management to meet your goals. • The principles of the firm are leaders in the industry, with nearly 20 years experience working in the communications field. They have been employed by Fortune 500 companies, been at the start-up table with new ventures, and worked for agencies both large and small.
- 7. Slide 7 2014: The Year of the Breach “There are two kinds of companies in America: those who’ve been breached and those who don’t know they’ve been breached.” FBI Director James Comey 60 Minutes Interview October 5, 2014
- 8. POLL
- 9. Slide 9 Attack of the Titans • 43% of all companies in America have experienced a data breach, USA Today, 9/24/14 • 80% of breaches root cause is employee negligence, USA Today, 9/24/14 • 31.4 million people have had their protected health information compromised following a breach, HHS, 10/26/14
- 10. Slide 10 Going Viral: Why a Data Breach Takes Flight • Record setting loss • Sensitive community affected • Competitive media market • Concentration of affected parties • Delay in notification • Customer complaints unanswered • Failure to respond to social media • Ignoring the media • Mixed messages
- 11. Slide 11 Case Study: A leading consumer brand breach blunder 1. Responding before a thorough assessment 2. Providing too much information too soon 3. Mixed messages=confusion 4. Retraction=uncertainty in messaging 5. Insensitivity to your market 6. Record-setting investment in brand rehabilitation 7. CIO & CEO lose positions, multiple class action suits in the $100M, breach cost over $150M to date 8. Board of Directors target of lawsuits
- 12. POLL
- 13. Slide 13 Facing the Crisis: 9 Steps to Crisis Communications Management – Active Incident 1. Internal planning happens before the crisis 2. Holding statement while forensics assessment is conducted 3. Coordination with crisis team 4. Social media monitoring begins 5. Public statement-thoughtful, showing earnest commitment to problem 6. Rapid notification/remediation, if required 7. Coordination across multiple communication mediums 8. Respond to every customer question in rapid fashion 9. Engage the press if approached
- 14. Slide 14 Collaboration is key Risk & Compliance Legal-GC & Firm Forensics Resolution Provider PR/ Crisis Communications Client
- 15. POLL
- 16. Slide 16 The Path Forward: Specialist Required Your Game Plan requires a crisis comms specialist who can stay abreast of industry, legal & regulatory developments, & the court of public opinion. Issue Advertising Community Relations Campaign
- 17. Slide 17 Takeaways • You can’t market your way out of a crisis & brand damage • Your in-house team is likely not equipped to handle breach or cybersecurity attack response (no matter how good they may be) • Coordination & planning is key • Make the CEO the spokesperson, not legal or PR • Public statement~ thoughtful, showing earnest commitment to problem • Regular crisis drills ensures response will be optimum • Changing legal & regulatory landscape make data breach a priority for the C-suite & Board of Directors • Media & consumer awareness is growing rapidly~ they’re informed & increasingly unforgiving • Be prepared!
- 18. ■
- 19. Slide 19 Upcoming Co3 Events • You’ve Been Breached: How to Mitigate the Incident Jan. 21, 2015, 12-1 pm EST – Featuring Ted Julian, CMO, Co3 Systems and Stephen Brennan, Global Technical Consulting Lead - Managing Partner, CSC
- 20. One Alewife Center, Suite 450 Cambridge, MA 02140 PHONE 617.206.3900 WWW.CO3SYS.COM “Co3 Systems makes the process of planning for a nightmare scenario as painless as possible, making it an Editors’ Choice.” PC MAGAZINE, EDITOR’S CHOICE “One of the hottest products at RSA…” NETWORK WORLD – FEBRUARY 2013 “Co3…defines what software packages for privacy look like.” GARTNER “Platform is comprehensive, user friendly, and very well designed.” PONEMON INSTITUTE Melanie Dougherty Thomas Managing Director Inform http://informtheagency.com/ For a free consultation visit: info.co3sys.com/free-consultation
- 21. Slide 21 “Co3 makes the process of planning for a nightmare scenario as painless as possible, making it an Editors’ Choice.” – PC Magazine, Editor’s Choice “Platform is comprehensive, user friendly, and very well designed.” – Ponemon Institute “One of the most important startups in security…” – Business Insider “One of the hottest products at RSA…” – Network World “...an invaluable weapon when responding to security incidents.” – Government Computer News “Co3 has done better than a home-run... it has knocked one out of the park.” – SC Magazine Most Innovative Product