Ken Labelle, Cyber Risk Expert with Burns and Wilcox Brokerage, recently sat down with me to discuss why crisis communications is so vital during a cyber breach. You can watch the full interview below, or read on for the transcript.
David: You've been breached! How do you tell your employees what happened? How do you tell your customers what happened? How do you tell the public what happened? What we're gonna be talking about today is the role of crisis communications in a breach response.
David: So if we've learned anything about how to respond to a breach, we've learned that this really isn't a do-it-yourself job and having good, corrected, crisis communications behind you is something that can really help make sure that you're minimizing future losses that could arise from this incident. Can you tell me about a time when you've had clients that have had to rely on crisis communications to get them through a breach and what that experience was like for them?
Ken: Absolutely! So if you lose information that should not be publicly made available, you have to notify those individuals, you may have to report that to the state's attorney general. Well, this makes it public information. You face adversity reports at this point, you want to counteract those media reports. You want to get out there with something. So any breach that's lost information that causes this electronic communication, they always take up the public relations portion of the policy to help alter that. Now you have reputational damages that occur afterwards as well. You have a natural customer churn, but if you lose more than that natural churn because of this breach and because of the adverse media reports then you lose money.
David: Sure, sure, and helping to control that story a little bit and really guide that story to as positive and end as it can for your business can certainly minimize those damages but I imagine it's got to be difficult to quantify those reputational damages that arise after a cyber breach. You know, how do you quantify how many customers you're losing or what sort of lost income you're facing?
Ken: It's quite the process actually! It takes a lot of forensics, so you have to look at financials over the last few years, what are your normal increases, did anyone new enter the space to take away from the sales of your product—if that's what you do, you look at all these different factors to figure out that this really was the cause of your reputation damage was due to the adverse reports of this breach and that's how you come up with your value.
David: Okay, and that's really is one of the one of the areas that cyber insurance really is trending towards is having coverage for not only your lost business income, but future reputational harm as well. It’s certainly a good thing to look for on your policies.
David: So that’s it for today’s episode! Click here to follow along and see future episodes and make sure you’ve liked our LinkedIn and Facebook pages and subscribe to our YouTube channel. Ken, thank you for coming and talking today. Cheers!