KAPE Quarterly Update - Q4 2023
by Andrew Rathbun, Eric Zimmerman
The first communication made in a cyber incident can set the perception for the entire experience. Ineffective communications can influence liability, draw the attention of regulators and become the basis for litigious action. Simultaneously, while some legislation may provide the framework for many corporate statements, media attention can be exacerbated by purposely hiding key details or abusing cliché messages. Whether your incident involves 50 or five million individuals; affected customers, employees, investors, suppliers and other stakeholders will expect to hear from you and that first communication can make all the difference.
Our communications experts navigate incident response, notification and all aspects of stakeholder engagement to protect reputation, secure trust and minimize disruption for you, your employees, customers and partners. Our team instills a disciplined communications approach that focuses on outcomes and objectives that align client and stakeholder interests—equipping clients to effectively manage any reputational event.
Rapidly deployable, Kroll’s Strategic Communications team uses a tested approach in cooperation with legal counsel to assess stakeholder impact, operational needs and regulatory requirements to create a disciplined communications strategy for stakeholder engagement that protects reputation, secures trust and minimizes disruption.
The team advises for all stakeholder engagement, including employees, customers, shareholders, partners and media, developing the messaging and materials in a comprehensive “playbook” that aligns all communications to ensure consistency and accuracy through all channels.
Kroll works with clients to evaluate and build crisis communications plans that improve their reputation management capabilities. Starting with an audit of materials, processes and threats, Kroll delivers a communications risk assessment, and then works with clients to develop communications processes, metrics and guidance to prepare for any potential reputational risk. This can be expanded with in-depth scenario playbooks for specific risks, creating specialized response strategies to mitigate threats and ensure responsible approaches.
Plans are only paper until they’re practiced. The Strategic Communications team can provide a full range of trainings to build the skills of executives and employees from sixty-minute media trainings to full-day, multi-chapter simulations. Every employee is a potential representative from the front-desk who answers the phone to the sales team connecting with customers and the media spokesperson talking to reporters. Kroll can support every level to enhance their skills and capabilities.
Incident Response | Preparedness | Training |
---|---|---|
| Risk Assessment
| Training Refresher
|
Cyber Security Communications Plan
| Messaging Training
| |
Scenario-specific Playbooks
| Tabletop Scenarios
| |
Monitoring & Tracking
| Simulation
|
Our communications team are not only experts in cyber security incident response and preparedness but also have a proven record in non-cyber reputation management. The team is available to consult on any potential reputational concern.
Kroll experts handle more than 3,000 cyber incidents of all types annually, supporting clients through every stage of an incident in a wide range of difficult situations across dozens of industries. Combined with Kroll’s expertise in compliance and regulatory consulting, investigations and disputes, restructuring and corporate finance, our Strategic Communications team can help navigate a myriad of sensitive issues. Additionally, through Kroll’s extensive relationship with insurance brokers and preferred/approved vendor status with insurance carriers, our strategic communications services can be engaged as part of a claim.
In many cases, the reputational impact doesn’t come from the incident itself but how the company responds and how it communicates with stakeholders who were impacted. At every stage, Kroll can help clients prepare for challenges, avoid missteps and engage responsibly with its stakeholders. Use the links on this page to explore our services further or speak to a Kroll expert today via our 24x7 cyber incident hotlines or our contact page.
Incident response, digital forensics, breach notification, managed detection services, penetration testing, cyber assessments and advisory.
Kroll is the largest global IR provider with experienced responders who can handle the entire security incident lifecycle.
Cyber incident remediation and recovery services are part of Kroll’s Complete Response capabilities, expediting system recovery and minimizing business disruption.
Kroll delivers more than a typical incident response retainer—secure a true cyber risk retainer with elite digital forensics and incident response capabilities and maximum flexibility for proactive and notification services.
Kroll's expertise establishes whether data was compromised and to what extent. We uncover actionable information, leaving you better prepared to manage a future incident.
Improve investigations and reduce your potential for litigation and fines with the strict chain-of-custody protocol our experts follow at every stage of the data collection process.
Kroll’s field-proven incident response tabletop exercise scenarios are customized to test all aspects of your response plan and mature your program.
You learn today that your organization is facing some kind of cyber incident. Could be ransomware, highjacked O365 email account, PII or PHI exfiltrated, misconfigured network settings exposing data, etc. What do you do first?
by Andrew Rathbun, Eric Zimmerman
by David White
by George Glass
by Dave Truman