When organizations think about incident response (IR), they often focus on forensic investigations, legal implications, and containment. However, one critical function is frequently underestimated: public relations (PR). In our most recent masterclass on Cyber Incident Public Relations & Communications in collaboration with Fleishman Hillard, Cody Want and Ella Cahoon explored the critical role of public relations, communications, legal, and IT teams in managing a cyber crisis.
The Hidden Value of PR in Incident Response
PR in incident response is much more than just crafting a media statement—it plays a vital role in shaping stakeholder communications, preserving relationships, and ensuring that an organization is prepared to handle an incident effectively.
Here are some valuable ways PR can shape incident response:
Proactive Customer Communication
A major part of PR in incident response is deciding whether to be proactive or reactive when communicating a cyberattack. When data breaches or ransomware attacks occur, organizations must weigh the risks of informing customers early versus waiting for more details. Being proactive allows organizations to control the message rather than being caught off guard by external disclosures. This means PR teams must be prepared to evolve messaging over time. A well-thought-out FAQ document, call center scripts, and dedicated communication channels can prevent confusion and reduce frustration.
Ensuring Practical Communication Channels
PR in incident response isn’t just about the media—it’s about managing inquiries from customers, regulators, employees, and investors. A common oversight in crisis response is assuming that standard communication channels will always be available. In some cases, email systems or phone lines may be compromised. PR teams play a crucial role in identifying alternative ways to communicate, such as:
- Using sales teams to text customers.
- Updating the company website with real-time information.
- Leveraging social media channels for rapid updates.
Preparation is Everything
Organizations often think they are prepared for a cyber incident—until they aren’t. Effective PR involves regular scenario planning and crisis simulations to uncover gaps. These gaps can include outdated contact lists, unclear ownership of social media accounts or external communication channels, and a lack of a structured process for responding to stakeholder concerns. Therefore, the PR team runs exercises and simulations to help identify these weaknesses before an actual crisis occurs.
Reputation is More Than Media Coverage
Many organizations equate PR in incident response with media relations, but reputation management extends far beyond press releases. PR teams provide real-time strategic input, ensuring that messaging remains relevant and responsive to the situation as it unfolds. PR helps organizations navigate regulatory communications and maintain customer trust by prioritizing relationship-driven messaging. Additionally, they manage employee morale and internal communications and influence how stakeholders perceive an organization’s response and responsibility.
The Bottom Line for PR in Incident Response
Incorporating PR in incident response strategy isn’t optional—it’s essential. PR teams serve as a crucial bridge between legal, technical, and stakeholder needs. Organizations that integrate PR from the outset are better positioned to maintain control, reduce reputational damage, and emerge stronger from a crisis.
To delve deeper into PR in incident response, a full recording of the masterclass is available!
