Over the past 6 months, we have been running a number of crisis and incident management scenarios based on cyber attacks and data theft. Do you think your Exec Team or Crisis Management Team could cope?
Gavin and I have been fascinated by the different reactions of our clients to the scenario – from banks to construction companies, local councils to universities. Each time we hear the same thing, “That was scary, challenging and not a topic I am comfortable with”. So, what is it we can do about this and are you ready?
Having your company exposed to some form of cyber attack – whether it be data theft, an encryption attack or any another type – is not a matter of ‘if’ but, ‘when’. So you and your crisis teams need to be ready to respond. Now, we don’t believe that all Executives need to become IT experts but, they need to understand the basics, be prepared to deal with the worst case scenario and be able to respond to all of their stakeholders in a meaningful way.
The best way to do this is to ensure that you are crisis-fit! Being across an issue, having read a crisis plan, is not the same as being ready and practiced in responding to an event. A crisis simulation based on the worst case scenario is the easiest way to practice your responses – from an individual, team and company level. In this way, ‘when’ the situation arises, you and your business will be fit and ready to respond.
I am sure you can think of a number of examples of CEOs and companies that were not ready and therefore did not respond well to crises – are they around today and in the same job? Becoming crisis fit is not difficult and not something to be afraid of. A well run crisis exercise will give you and your teams the opportunity to practice your responses, learn about themselves and their teams and add value back into the business.
Is it time to give it a go?