Master Your Security Incident Response Communications Program
Learn how to talk to your stakeholders about what’s going on when things go wrong.
- When a significant security incident is discovered, usually very few details are known for certain. Nevertheless, the organization will need to say something to affected stakeholders.
- Security incidents tend to be ongoing situations that last considerably longer than other types of crises, making communications a process rather than a one-time event.
- Effective incident response communications require collaboration from: IT, Legal, PR, and HR – groups that often speak “different languages.”
Our Advice
Critical Insight
- There’s no such thing as successful incident response communications; strive instead for effective communications. There will always be some fallout after a security incident, but it can be effectively mitigated through honesty, transparency, and accountability.
- Effective external communications begin with effective internal communications. Security Incident Response Team members come from departments that don’t usually work closely with each other. This means they often have different ways of thinking and speaking about issues. Be sure they are familiar with each other before a crisis occurs.
- You won’t save face by withholding embarrassing details. Lying only makes a bad situation worse, but coming clean and acknowledging shortcomings (and how you’ve fixed them) can go a long way towards restoring stakeholders’ trust.
Impact and Result
- Effective and efficient management of security incidents involves a formal process of preparation, detection, analysis, containment, eradication, recovery, and post-incident activities: communications must be integrated into each of these phases.
- Understand that prior planning helps to take the guesswork out of incident response communications. By preparing for several different types of security incidents, the communications team will get used to working with each other, as well as learning what strategies are and are not effective. Remember, the communications team contains diverse members from various departments, and each may have different ideas about what information is important to release.
Member Testimonials
After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.
8.5/10
Overall Impact
$17,419
Average $ Saved
26
Average Days Saved
Client
Experience
Impact
$ Saved
Days Saved
Encore Electric
Guided Implementation
9/10
$32,499
47
These types of projects are difficult because they last a long time, and they are tedious. Working with Carlos helped us to have the process bluep... Read More
Lower Hudson Regional Information Center
Workshop
8/10
$2,339
5
Sandy really understood us as an organization which allowed her to better facilitate and navigate the conversation as we moved through the workshop.
Centra Networks
Guided Implementation
10/10
$7,437
16
One on one assistance with learning and guidance.
Yamana Gold
Guided Implementation
10/10
$10,000
2
Great insights and great resources already available on key and relevant topics..
Hamilton Public Library
Guided Implementation
10/10
N/A
20
Logan was great in guiding through the steps, very thorough, useful in finalize the policy.
About Info-Tech
Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.
We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.
What Is a Blueprint?
A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.
Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.
Need Extra Help?
Speak With An Analyst
Get the help you need in this 2-phase advisory process. You'll receive 4 touchpoints with our researchers, all included in your membership.
Guided Implementation 1: Dive into communications planning
- Call 1: Establish the SIRT.
- Call 2: Explore the elements of effective security incident response communications.
Guided Implementation 2: Develop your communications plan
- Call 1: Create an internal communications plan.
- Call 2: Develop an external communications strategy.
Contributors
- Loren Dealy Mahler, President, Dealy Mahler Strategies LLC
- Glendalynn Dixon, Consultant, Facilitator, Advisor, Technology Industry
- Edward Gray, Lecturer, Ivey Business School at Western University
- Keith Marnoch, Director, Media & Community Relations, Western University
- TJ Minichillo, Global Head Cyber Intelligence & Analytics, Energy Industry
- Tracy Olmstead Williams, President & CEO, Olmstead Williams Communications
Develop and Implement a Security Incident Management Program
Build Resilience Against Ransomware Attacks
Build a Vendor Security Assessment Service
Implement Risk-Based Vulnerability Management
Design a Tabletop Exercise to Support Your Security Operation
Integrate Threat Intelligence Into Your Security Operations
Master Your Security Incident Response Communications Program
Design a Coordinated Vulnerability Disclosure Program