Cybercrisis management: Are you ready to respond?

November 14, 2022

In an increasingly interconnected world, it’s more important than ever to ensure your organization is prepared to deal with a cybercrisis. These best practices will help you manage a threatening event.

When an adverse event occurs, it’s easy to let emotion take control. Failing to make timely decisions can turn a bad situation worse, but acting on impulse can be just as risky.

Given the high stakes involved, how can you prepare your leaders to operate quickly and prudently when the pressure’s on? What tools can you put in place to help them make smart decisions with limited information? By establishing the proper plans and relationships in advance, you can position your organization to handle a cybercrisis event with control, efficiency and accuracy.


Preparing for a crisis

According to Robb Mattila, director of crisis management at U.S. Bank, preparing for cybercrisis is a constant cycle that involves planning, training, exercising and learning.

Planning: The first step in crisis management is to create a documented plan. These internal procedures provide guidelines and outline measures for employees to take in the event of a cybersituation. A plan also specifies what type of events raise red flags. “While you can’t plan for every possible scenario, you can provide guidelines that indicate when an individual should escalate an event,” says Mattila.

Training: The next step in preparing for a crisis is training your staff. Make sure employees at all levels understand the procedures and keep things simple.

Exercising: Practicing your plans will improve your level of preparedness as an organization and increase collaboration among employees. Ask your clients to join your exercises as well. They can participate in a Q&A-type format. Outside consultants can also be hired to establish a scenario and help walk you through the processes. 

Learning: After each exercise, discuss opportunities for process improvement both internally and with clients. “Every single time I’ve participated in an exercise, new questions came up,” says Steve Krueger, head of Transfer Agent at U.S. Bank Global Fund Services. “As we address these questions, our organization becomes that much more prepared.”

“Consistent messaging to all audiences is important when it comes to a crisis.”

Communicating during a crisis

Having a communications plan is a critical part of cybercrisis management and preparedness. Follow these tips to help you communicate effectively to key stakeholders and the media in the event of a cybercrisis.

Have prepared scripts

In a cyberevent, people like to hear from you quickly. While you’ll never be able to identify every single situation that could happen, you can create templates for the top four or five most likely scenarios. This gives you a starting point that can be customized specific to the event that occurs.

“We know in the absence of any communication, people start to come up with their own stories of what happened,” says Cheryl Leamon, corporate issues management and communications lead at U.S. Bank. “It’s important to acknowledge awareness of the situation and that an organization is addressing it.”

Don’t release information without knowing the facts

Organizations can get themselves into trouble when they try to communicate too many specifics early on. It’s important to ask yourself:

  • How sure are we?
  • How much information should we give?
  • When do we give it?
  • To whom do we give it?

“If incorrect information is communicated and you have to retract things you said, you lose the trust of your employees and your customers,” says Leamon.

Finding the right balance between under and over communicating can be challenging. A good practice is to include phrases such as: “at this time” and “what we know now.” This implies that information is always evolving and subject to change.

Be consistent with your message

Customer service is crucial to any crisis situation, especially in the event that someone else’s data may be at risk.

“Consistent messaging to all audiences is important when it comes to a crisis,” says Leamon. “Customers, elected officials and media all need to be hearing the same information, otherwise it will cause confusion and make an already tense situation more stressful.”

As a senior leader in your organization, be prepared to make phone calls directly to your clients. Using the established script and adding the details you know about the specific situation will prepare you for this conversation.


Establishing external partnerships

Maintaining relationships with local law enforcement is an important part of crisis management. These individuals can advise you on the current threat landscape and will be beneficial to your organization should you need to reach out.

Many organizations also maintain contracts with independent third parties that will provide cyberforensic assistance in the event of a crisis.

In terms of contacting these outside parties in a cyberevent, it’s important to determine who communicates with whom so there’s no overlap or omission.


Beyond cybercrisis

Once you’ve determined and implemented the steps to your cybercrisis plan, think about other crisis areas that may need to be addressed. Many of the principles practiced in a cybersituation apply to events such as natural disasters or terrorist attacks. Additionally, learn from the shortcomings or successes of other organizations to continuously develop your procedures. With an established crisis plan routinely practiced and improved upon, you can be well prepared to defend yourself and your clients against a threatening event.

Continue to evaluate your cybercrisis practices and determine if you need to create or revise your process. While the tasks we outlined may seem daunting, the benefits of being prepared will far outweigh the challenges you may face if you ever experience a cybercrisis.


At U.S. Bank, your privacy and security are our priority. We’re constantly enhancing our systems to keep your data secure and provide seamless technology experiences. Learn more about protecting client data with cybersecurity best practices.

Related content

Fight the battle against payments fraud

Fraud prevention checklist

How to keep your assets safe

Insource or outsource? 10 considerations

Proactive ways to fight vendor fraud

Business risk management for owners of small companies

Avoiding the pitfalls of warehouse lending

5 Ways to protect your government agency from payment fraud

How to improve your business network security

The latest on cybersecurity: Mobile fraud and privacy concerns

Complying with changes in fund regulations

What is CSDR, and how will you be affected?

Cybersecurity – Protecting client data through industry best practices

Government agency credit card programs and PCI compliance

Post-pandemic fraud prevention lessons for local governments

Risk management strategies for foreign exchange hedging

Best practices on securing cardholder data

Third-party vendor risk: protecting your company against cyber threats

Turn risk into opportunity with supply chain finance

Cybercrisis management: Are you ready to respond?

White Castle optimizes payment transactions

Webinar: Approaching international payment strategies in today’s unpredictable markets.

Evaluating interest rate risk creating risk management strategy

Increase working capital with Commercial Card Optimization

The future of financial leadership: More strategy, fewer spreadsheets

The surprising truth about corporate cards

Automate accounts payable to optimize revenue and payments

How to improve digital payments security for your health system

Keep your finances safe and secure: Essential tips for preventing check fraud

How to spot an online scam

What is financial fraud?

Authenticating cardholder data reduce e-commerce fraud

Mobile banking tips for smarter and safer online banking

Why Know Your Customer (KYC) — for organizations

Webinar: CRE technology trends

5 winning strategies for managing liquidity in volatile times

Why a mobile banking app is a ‘must have’ for your next vacation

Money muling 101: Recognizing and avoiding this increasingly common scam

How-to guide: What to do if your identity is stolen

Learn to spot and protect yourself from common student scams

The password: Enhancing security and usability

BEC: Recognize a scam

Hospitals face cybersecurity risks in surprising new ways

Cryptocurrency custody 6 frequently asked questions

4 ways to outsmart your smart device

Webinar: How to stay safe from cyberfraud

Webinar: Robotic process automation

Webinar: CRE Digital Transformation – Balancing Digitization with cybersecurity risk

Hospitals face cybersecurity risks in surprising new ways

Webinar: CRE Digital Transformation – Balancing Digitization with cybersecurity risk

How you can prevent identity theft

Evaluating interest rate risk creating risk management strategy

Authenticating cardholder data reduce e-commerce fraud


 U.S. Bank does not guarantee the products, services, or performance of its affiliates and third-party providers.

Start of disclosure content

Loan approval is subject to credit approval and program guidelines. Not all loan programs are available in all states for all loan amounts. Interest rates and program terms are subject to change without notice. Mortgage, home equity and credit products are offered by U.S. Bank National Association. Deposit products are offered by U.S. Bank National Association. Member FDIC.