Cybercrisis management: Are you ready to respond?

September 23, 2021

In an increasingly interconnected world, it’s more important than ever to ensure your organization is prepared to deal with a cybercrisis. These best practices will help you manage a threatening event.


When an adverse event occurs, it’s easy to let emotion take control. Failing to make timely decisions can turn a bad situation worse, but acting on impulse can be just as risky.

Given the high stakes involved, how can you prepare your leaders to operate quickly and prudently when the pressure’s on? What tools can you put in place to help them make smart decisions with limited information? By establishing the proper plans and relationships in advance, you can position your organization to handle a cybercrisis event with control, efficiency and accuracy.


Preparing for a crisis

According to Robb Mattila, director of crisis management at U.S. Bank, preparing for cybercrisis is a constant cycle that involves planning, training, exercising and learning.

Planning: The first step in crisis management is to create a documented plan. These internal procedures provide guidelines and outline measures for employees to take in the event of a cybersituation. A plan also specifies what type of events raise red flags. “While you can’t plan for every possible scenario, you can provide guidelines that indicate when an individual should escalate an event,” says Mattila.

Training: The next step in preparing for a crisis is training your staff. Make sure employees at all levels understand the procedures and keep things simple.

Exercising: Practicing your plans will improve your level of preparedness as an organization and increase collaboration among employees. Ask your clients to join your exercises as well. They can participate in a Q&A-type format. Outside consultants can also be hired to establish a scenario and help walk you through the processes. 

Learning: After each exercise, discuss opportunities for process improvement both internally and with clients. “Every single time I’ve participated in an exercise, new questions come up,” says Steve Krueger, head of Transfer Agent at U.S. Bank Global Fund Services. “As we address these questions, our organization becomes that much more prepared.”

“Consistent messaging to all audiences is important when it comes to a crisis.”

Communicating during a crisis

Having a communications plan is a critical part of cybercrisis management and preparedness. Follow these tips to help you communicate effectively to key stakeholders and the media in the event of a cybercrisis.

Have prepared scripts

In a cyberevent, people like to hear from you quickly. While you’ll never be able to identify every single situation that could happen, you can create templates for the top four or five most likely scenarios. This gives you a starting point that can be customized specific to the event that occurs.

“We know in the absence of any communication, people start to come up with their own stories of what happened,” says Cheryl Leamon, corporate issues management and communications lead at U.S. Bank. “It’s important to acknowledge awareness of the situation and that an organization is addressing it.”

Don’t release information without knowing the facts

Organizations can get themselves into trouble when they try to communicate too many specifics early on. It’s important to ask yourself:

  • How sure are we?
  • How much information should we give?
  • When do we give it?
  • To whom do we give it?

“If incorrect information is communicated and you have to retract things you said, you lose the trust of your employees and your customers,” says Leamon.

Finding the right balance between under and over communicating can be challenging. A good practice is to include phrases such as: “at this time” and “what we know now.” This implies that information is always evolving and subject to change.

Be consistent with your message

Customer service is crucial to any crisis situation, especially in the event that someone else’s data may be at risk.

“Consistent messaging to all audiences is important when it comes to a crisis,” says Leamon. “Customers, elected officials and media all need to be hearing the same information, otherwise it will cause confusion and make an already tense situation more stressful.”

As a senior leader in your organization, be prepared to make phone calls directly to your clients. Using the established script and adding the details you know about the specific situation will prepare you for this conversation.


Establishing external partnerships

Maintaining relationships with local law enforcement is an important part of crisis management. These individuals can advise you on the current threat landscape and will be beneficial to your organization should you need to reach out.

Many organizations also maintain contracts with independent third parties that will provide cyberforensic assistance in the event of a crisis.

In terms of contacting these outside parties in a cyberevent, it’s important to determine who communicates with whom so there’s no overlap or omission.


Beyond cybercrisis

Once you’ve determined and implemented the steps to your cybercrisis plan, think about other crisis areas that may need to be addressed. Many of the principles practiced in a cybersituation apply to events such as natural disasters or terrorist attacks. Additionally, learn from the shortcomings or successes of other organizations to continuously develop your procedures. With an established crisis plan routinely practiced and improved upon, you can be well prepared to defend yourself and your clients against a threatening event.

Continue to evaluate your cybercrisis practices and determine if you need to create or revise your process. While the tasks we outlined may seem daunting, the benefits of being prepared will far outweigh the challenges you may face if you ever experience a cybercrisis.


Learn more about Cybersecurity: Protecting client data through industry best practices.

Related content

Cryptocurrency custody 6 frequently asked questions

BEC: Recognize a scam

Evaluating interest rate risk creating risk management strategy

Fight the battle against payments fraud

The latest on cybersecurity: Vulnerability testing and third-party software

The cyber insurance question: Additional protection beyond prevention

The password: Enhancing security and usability

Why KYC — for organizations

Cayman Islands’ Private Funds Law: What you need to know

Tactical Treasury: Fraud prevention is a never-ending task

Increase working capital with Commercial Card Optimization

3 timeless tips to reduce corporate payments fraud

The surprising truth about corporate cards

White Castle optimizes payment transactions

Solutions banks can offer during the COVID-19 pandemic

What is CSDR, and how will you be affected?

Avoiding the pitfalls of warehouse lending

5 steps you should take after a major data breach

4 tips for protecting your business against Coronavirus-related scams

5 Ways to protect your government agency from payment fraud

Proactive ways to fight vendor fraud

Post-pandemic fraud prevention lessons for local governments

The latest on cybersecurity: Mobile fraud and privacy concerns

How to improve your business network security

Government agency credit card programs and PCI compliance

Cybersecurity – Protecting client data through industry best practices

Cybercrisis management: Are you ready to respond?

Complying with changes in fund regulations

Business risk management for owners of small companies

Automate accounts payable to optimize revenue and payments

Redefining beneficial ownership in the Cayman Islands

Protecting your business from fraud

Webinar: A closer look at U.S. Bank AP Optimizer

The future of financial leadership: More strategy, fewer spreadsheets

How to improve digital payments security for your health system

Enhancing liquidity management: 4 benefits of visibility

Webinar: Fraud prevention and mitigation for government agencies

Webinar: CRE Digital Transformation – Balancing Digitization with cybersecurity risk

Webinar: Recording of the Central Securities Depository Regulation and Pivot

Webinar: CRE technology trends

Webinar: AP automation—solve payment challenges with an invoice-to-pay solution

Webinar: The future of digital onboarding for U.S. Bank clients

Webinar: Redefine your business with technology

Webinar: International payments

Webinar: Robotic process automation

Webinar: The impact of innovation on processing receivables

Webinar: Empower your AP automation with strategic intelligence

Webinar: Economic, political and policy insights

Webinar: Driving innovation to impact treasury management

Webinar: Digitize your AP processes to optimize results

Webinar: CRE treasury leader roundtable

Authenticating cardholder data reduce eCommerce fraud

Webinar: Building digital bridges for treasury optimization

 U.S. Bank does not guarantee the products, services, or performance of its affiliates and third-party providers.

Start of disclosure content
XX-011 Equal Housing Lender
XX-014 Loan programs: credit + home
WI-031 Bank + USBI disclaimer