Whether or not you – or your management – believes you’ll suffer a security incident it certainly pays to be prepared. Odds are that something is going to occur.
Does your business have a solid incident response plan? What about a communications plan? Is an executive or business PR representative going to say “Um, well, uh you know – we got hacked and stuff…” to the eager media or are they prepared to answer questions in a mature and professional manner?
PR pros will tell you that you’d better be prepared. As Bolling Spalding – a PR expert here in Atlanta – said in this Atlanta Business Chronicle piece:
“Address the situation openly by saying, ‘We don’t have all the facts yet, but will tell you what we know now and we’ll continue to report back as the facts come in.’…If you don’t tell the story, someone else will tell it for you, and it might be someone with an ax to grind.“
There’s too much to lose folks. Do something now so you’ll have a plan when the time comes.
If you’re interested, here are some tips I’ve written about information security-related incidents and how to shore up what could be one of your business’s greatest weaknesses.
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”