Many of you have heard the numerous reports of the Sony hacking, and Microsoft and (once again) Sony having a DDoS attack on their gaming networks. This has caused a nightmare more for Sony, but this headache will come managing this (relatively new) PR crisis.
What is Hacking?
Even though, everyone has some type of electronic device. This could be a smartphone, tablet, laptop, desktop, or video game console. We are a society heavily reliant on electronics. Unfortunately, these devices have security flaws or bugs that can be exploited. For a common person, the term “hacker” would lead them to believe they will steal a person’s information and may use it, or, post it online. That’s what gets the most media attention. However, there a are several different ways hackers affiliate themselves. I should note that these are still generalizations, I am not a hacker and, I’m pretty sure there are more subgroups. One group can be called, “white hats,” this group hacks programs, websites, and other electronics to help the developer. White hats are what companies should and do incentives them in helping make their software more secure. They do not wish to exploit people and help companies plug security vulnerabilities. Then there is another group, which is called, “black hats.” This group is the one you have to watch out for. This is what the hacker is referred to by society, but the media does a bad job of educating them about it. They will find vulnerabilities in programs and exploit them for their own gain. Stealing personal information, and then using it for their own benefit. This is what companies should be looking out for, they are the ones that will put your company in the news, and make you and your company look incompetent. This group will make your job harder, and cause havoc with your company’s reputation and profits. Here’s how to avoid it or help make it a little easier:
What does this mean for the PR industry
This means as a PR professional understanding cyber security is a huge priority. Going back through 2014 and looking at Target, Home Depot, Sony, and many others being hacked as case studies. This could help build a new or update a crisis plan. Most, if not all industry need to have a crisis plan for being hacked. Unfortunately, attacks like what Sony went through will only get numerous and worse. Reading up on what happened before can help build strategies for your company. This should be done immediately or soon. Every company that has a weak encryption software, or, none at all will be attacked.
Ways to Be Prepared for an Attack:
There are several ways to be prepared for when you do get attacked by a hacker. The more you as a PR professional is prepared, the better you can be ready for the public outcry.
Update or Make a Crisis Plan:
If your company does not have a crisis plan, there should be. Start by looking at the what crisis will affect the company you work for. This is all depending, so research and know the difference between a crisis and an issue. The difference will be how long it would stay in the news. If you’re updating the crisis plan, then keep in mind a few things:
- Do your research on what has already happened with these companies.
- Have a press release ready for when something bad happens.
- Make sure everyone knows what to say to the media, or train them to talk to a trained professional.
- Have pre-planned social media posts, and be ready for the flood of tweets and comments coming.
Talk with Experts:
Depending on the size of the company or agency you work for, there could be an IT person running the servers, and backend protocols. They can be a valuable resource for understanding the complexity of maintaining the company’s servers They are your first and only line of defense. Trust and be appreciative of their hard work and effort keeping the system running smoothly. There is also a wealth of outside sources to use. If you know where to look.
Encrypt and Backup!
This will help limit the damage from being hacked. Encrypting your files can save your company from the ugly press about your customer data being used for nefarious reasons. Many companies have the made the mistake of not encrypting their files and have paid the price for it. If you don’t know what to encrypt here is a quick list:
- Credit card information
- username and passwords
- social security numbers
- medical records
That is just a short list of what to encrypt. The best defense is a constant backing up of all your data. This is the best way to ensure no hacker can ransom your information.
When It All Goes Wrong:
If this unfortunate crisis does happen, there are a few ways to handle it. If you followed all or the most important steps, then your company should be prepared for the worst. The first thing is to give the correct information to the press. If you need more time to collect all the information, then let the reporter know. The press will give you some time, but will not wait forever. This means to be in contact with the IT personnel and making sure the top executives are being updated regularly. If you have your crisis plan set-up, then sending out press releases and posting messages to your social media accounts should not take up too much time. Once that is taken care of, briefing your CEO or Founder about what to say in the various press interviews is important. Making sure the person is in-line with what the company has been saying. Also, give him what action steps the company will take to stop this from happening. If there needs to be an apology then say it. This is important:
Make sure to not engage your customers in a negative way. The worst thing you could do it incite more anger.
Public outrage will happen on social media, and accepting this will help, also addressing your customers concerns. The best strategy is to give the public pictures or updates on what improvements your company has made to protect their security. It will take time some, but eventually things will get back to normal.
However, those improvements should be in place and not for publicity.
Are you ready for it? What Crisis plan do you have in place?