Keys to Protecting a Company’s Reputation
For more than twenty years, October has been Cybersecurity Awareness Month – an occasion that usually focuses on technical prevention: strengthening passwords, updating systems, and training staff. However, there’s one aspect that rarely receives the same level of attention: communication. When a company suffers a ransomware attack, for instance, it’s not enough to deploy patches and technical protocols; you also need to face the public. What is said, how it is said, and when it is said can be just as decisive as the work carried out by the IT teams.
When a cyberattack occurs, the initial focus is usually on isolating systems, recovering data, or stopping the leak. Meanwhile, rumours, misinformation, and public perception spread much faster. In that space, communication is as crucial as cybersecurity itself, because it can contain reputational damage, maintain the trust of clients and partners, and demonstrate that the organisation is in control. The problem is that, in most companies, there is no clear strategy in place, and the communications officer gets involved too late and reactively, without having been part of the planning or scenario preparation.
That’s why anticipation is key. It’s not about waiting for a crisis to occur and improvising, but about having a pre-established communication plan for cyber incidents, designed calmly and accounting for different scenarios. Bodies such as the UK’s National Cyber Security Centre (NCSC) stress that many organisations treat communication as secondary when what’s truly at stake is how the incident is perceived. In this regard, practical guides – such as the one by HIROC – recommend preparing adaptable messages, defining alternative channels, identifying roles, and carrying out simulations in which communication forms an integral part of the response team.
In this context, the involvement of the communications lead cannot be optional. Their role must be integrated from the very start within the crisis committee, alongside technical, executive, and legal teams. Only then can decisions be aligned around message, tone, timing, and target audiences. In fact, recent research – such as a study published on arXiv – shows that companies that manage these incidents more effectively tend to communicate early, take responsibility, and offer apologies, whereas those that fail usually delay their messages, downplay the impact, or shift blame onto others.
The Time Factor
Moreover, once the crisis is underway, timing is critical. Communicating as soon as possible – even if only with the information available at that moment – helps to contain speculation and demonstrates control. Transparency is essential, although it must be exercised prudently: not everything can be revealed immediately if doing so compromises technical remediation or legal processes. Explaining what is being done to mitigate damage, setting up specific communication channels, informing employees before speaking externally, and coordinating with the relevant authorities are all basic steps to sustain credibility. As IBM summarises in one of its articles: speed and clarity are as important as the technology used to contain the attack.
And once systems are back up and running, communication doesn’t end there. The post-attack phase is equally important for restoring reputation. Publishing a report with lessons learned, being transparent in accountability, reviewing the communication plan based on experience, and even taking steps to rebuild trust – such as external audits or new certifications – all convey maturity and commitment. The Accenture Ransomware Reoriented report highlights that many companies still view ransomware as a purely technical matter, when in reality it is a business and reputational challenge requiring a change of mindset.
In summary, communication after a ransomware attack should never be left until the last minute. In fact, it should be considered the central pillar of any crisis management strategy. Involving the communications lead, preparing a plan in advance, speaking quickly and transparently, and learning from each incident are the key steps that make the difference between an organisation that emerges from the crisis with credibility and one that loses the trust of those around it.
First published by PLexus Pr.
Written by Clotilde Betermier, CEO, Intro Ibérica
