Navigating a crisis with confidence

Cybercrime will cost $23 trillion worldwide in 2027, an increase of 175% from 2022

(IMF, 2025)

Cyberattacks happen with alarming frequency, with some reports indicating a cyberattack occurs every 39 seconds internationally (University of Maryland, 2025). The number of data breaches has been steadily rising, with a notable increase since 2024, and becoming increasingly sophisticated and disruptive. In the past few months alone, we have seen several organisations grapple with high-profile crises. If mishandled, these incidents can have lasting operational, financial and reputational consequences.

Effective communication preparation is critical in the event of a cyber breach, as it ensures timely, transparent, and coordinated responses that can significantly mitigate reputational and operational damage. When a breach occurs, stakeholders—including customers, employees, regulators, and the media—demand clear and timely information on how the situation might impact them and what the response will be. It is incumbent on businesses to demonstrate that the organisation is taking responsible action. Pre-established communication plans enable organisations to respond swiftly and confidently under pressure. Moreover, well-prepared communications help demonstrate accountability, maintain trust, and comply with legal and regulatory requirements, all of which are essential for recovery and resilience in the face of cyber threats.

Low-angle view of tall modern skyscrapers against a cloudy sky, with reflections on glass surfaces.

It takes a company 204 days on average to discover a data breach and up to 73 days to contain it.

(IBM, 2024)

Cyber-attack communications checklist

  • 1. Is your crisis manual current and accurate?

    Make sure all details are current, from platforms to contacts. A quick review now can save time and confusion later. 

  • 2. Have you identified your response experts?

    This should include internal and external experts, each with clear roles and responsibility to act swiftly and effectively.

  • 3. Have decision making protocols been agreed?

    Ensure these are defined in advance to avoid delays. Clear comms channels and escalation paths are vital under pressure.

  • 4. What monitoring do you have or can activate?

    Track sentiment and signals in real time to shape messaging and understand how your response is landing with stakeholders. 

  • 5. Do you have templates and comms channels ready?

    Save time during a crisis with pre-approved materials and mapped stakeholders for fast, tailored communication.  

  • 6. Have you got a logging process ready?

    It may seem dull, but logging actions and decisions is vital for compliance, accountability, and post-incident review. 

  • 7. Consider realistic crisis simulation training

    Test your plans and team under pressure to uncover gaps and build confidence before a real incident hits.