4 minute read

You know what to do if a break-in occurs at your bank, but today’s financial criminals work behind a computer. Cybersecurity continues to be a threat for financial institutions of all sizes, with some even calling it the top risk for banks in 2018.

When cybercriminals attack large financial institutions, everyone hears about it. But cybercriminals are targeting community banks, too. Not only do smaller institutions often have fewer precautions in place, but they frequently assume criminals only phish for the biggest catches. This misconception makes smaller banks easier to hook.

Too many small and medium-sized businesses have a false sense of confidence about protecting themselves and their customers from cyberattacks. Too often, they believe they have nothing of value to an attacker—but that makes them even more attractive. In the Ponemon Institute’s report, The 2017 State of SMB Cybersecurity, 61 percent of respondents say they faced such attacks, compared to 55 percent the previous year.

Are you prepared in the event of a cyberattack?

Creating a communications plan

Getting ahead means better preparation when the crisis hits your team. If you don’t have a cyberattack plan yet, here’s what you need to get started:

  • Bring a cross-functional leadership team to the table, including on-call external representatives from IT, legal and PR/communications, and, if appropriate, community representatives. You may also need outside experts with specific technical expertise in handling financial data breaches. Outsiders can be helpful and objective, especially when your team is overwhelmed.
  • Create an incident response team. In particular, identify who will speak to the media. Will it be someone from legal? PR? The CEO? It may change depending on what the breach/issue is, and always have a back-up identified for each spokesperson.
  • Decide who from IT will brief the spokesperson about the nature of the breach.
  • Consider a variety of contingencies and plans for messaging and action. Once you discuss a variety of cyber-breach scenarios that may occur, also consider that the following could occur along with the breach:
    • Your website and email system are compromised or otherwise inaccessible.
    • Your social media channels have been hacked and therefore unavailable
    • Your call center is disabled. How will customers reach you?
    • Unsubstantiated claims about the incident are on social media. Who will respond, and how?
    • Customers contact third-party partners. How will they know what to say regarding the situation?
  • Once you have the plan in place, practice. Run drills. Use a tool like the Federal Deposit Insurance Corporation’s “Cyber Challenge: A Community Bank Cyber Exercise” or bring in experts to train your team how to respond.

>>This all sounds good, but how do you put it all together in real life, right? Here’s how Borshoff used social media to help a client earn rave reviews for their crisis response.

When the crisis hits

If a security breach affects your bank, set up a command center. Then pull up your crisis communications plan and follow it. That may seem obvious to you, but it won’t necessarily be to the president, head of cybersecurity or a panicky board member.

Communicate with bank employees and with affected customers first. It’s important for affected parties to hear about the situation from the bank itself and not from a third party, or worse, through the media. Employees are key because they will be asked questions about the situation and need to know what to say.

The incident response team will craft the messaging for employees, customers and the media. The messages should be nearly identical across all audiences, for complete transparency, consistency and clarity.

Don’t wait too long to respond, but don’t speak too quickly. This timing is a delicate balance to strike and will be determined by the incident response team. Communicate too soon, and you risk sounding uneducated about the situation, but communicate too late and you sound as if you were keeping information from key parties. Unfortunately, either scenario can be more disastrous than the breach alone.

Clearly, this is just a start. But once you include cybersecurity in your crisis plan, there’ll be a new sheriff in town—and cyber-bandits will have nothing on you.

>>Download our free eBook, “How To Be A More Effective Spokesperson,” to learn more. It covers:

  • The role of a spokesperson
  • Why you should build relationships with news media
  • How to prepare for a media interview
  • How to conduct yourself during a media interview

Want to create or update your regional bank’s crisis plan to consider cyberattacks? Email us or call (317) 631-6400.