A framework for effective corporate communication after cybersecurity incidents

Cybersecurity incidents can have significant consequences for an organization or a company. These consequences can in turn lead to other adverse effects, such as damaging the company’s reputation and causing the loss of customers or business partners. The growing number of reported cyber incidents leads experts to want to act ahead by prioritizing the available resources to prevent these incidents from occurring, for example by hiring cybersecurity specialists, setting up employee training plans, and keeping abreast of the latest protection technologies. However, many companies are not well prepared to repair the damage. In a crisis, it often becomes even more complicated to manage the company correctly and to deal with customers or business partners.

To improve the understanding of what constitutes good and bad post-incident external communication, researchers Knight and Nurse (2020) conducted a literature review of academic work and reports by cybersecurity specialists on the subject. Specifically, they aim to create, evaluate and perfect a framework that serves as a model to help victim organizations in their post-incident communication process.

To do this, the researchers compiled thousands of scientific articles (n = 3516) and real case studies to bring the practical and the academic world together. Then, they evaluated the identified articles and case studies to derive best practices that meet the purpose of this research.

After their meticulous research, the authors finally completed two models that they believe are best suited for organizations experiencing cybersecurity incidents. The difference between the two models is what the organization prioritizes: a) focusing on the decisions to be made, or b) focusing on how to handle the data breach message transmitted to collateral victims. These two models are then grouped into a larger model that merges them with the authors’ findings on the prevention and preparations to be made even before incidents occur. For the models, please refer to the article.

This study is relevant to both cybersecurity researchers and those working in the practical field. This model, refined through thousands of reviews, can help organizations build an effective post-incident plan or improve on the one already in place. This model’s strength is that it was created using empirical data and real examples from cybersecurity experts and specialists.

To cite: Knight, R., Nurse, J. (2020). A framework for effective corporate communication after cybersecurity incidents. Computers & Security, 99.