Crisis Management: How to handle a cyber-security incident

Elizabeth Heusler was recently asked about her experience in crisis management by London-based cyber security company, CNS Group.

There are plenty of issues that never make the evening news.  The idea is to have plans and strategies in place to prevent the issue in the first place.

Issues by their very nature don’t fit into neat boxes – and almost never occur between nine and five.  They simply don’t run to a text book – no matter how much you’ve read up, how many templates you’ve prepared, there’s that cold day in hell when the hair stands up on the back of your neck, your stomach flips and you know, Houston we have a problem.


Before worrying about issues and crisis management, companies would be best advised to have practices and processes in place to stop mistakes before they happen.  Often, it’s just an oversight. It may be due to material sent in a rush, not proofing, not having a second sign-off or letting the untrained or uninitiated loose in the public domain.

Usually, your PR agency will be the first line of defence. Some disasters call for a CEO and other times a line-manager or technical person will be the appropriate spokesperson.  Deciding who or how that decision is made, will stand you in good stead – and in the face of an emergency - will all be in place.

Having a spokesperson, assigned, trained, and practiced in communicating negative news – is a good place to start. 

Read the CNS article:

Sign up for our Newsletter

Crisis Management: How to handle a cyber-security incident - Heusler Public Relations