Security News > 2024 > February > Should IT and Security Teams Play a Role in Crisis Communications?

CISOs have clear communications role during cyber security incidents.

"In the event of a major cyber security incident, the CISO should be prepared to step into a crisis management role. They should understand how to bring clarity to the situation and communicate effectively with internal and external stakeholders," according to the ASD. More Australia coverage How IT and security leaders should prepare to manage crisis communications.

Best practice sees CIOs and CISOs working closely together with senior stakeholders from across the business, including CEOs and boards, to bring together a cohesive, leadership-led crisis communications plan that will be able to function in the event of a stressful incident.

Organisations should form a crisis committee and document roles and responsibilities, including the communications responsibilities of IT and security leaders.

One of the best ways to ensure IT and security teams are prepared for managing the communications aspects of a crisis is to run crisis scenario exercises.

The best way for IT and security teams to handle communications during these events is to take a leadership role and be prepared ahead of time, she said.

News URL

https://www.techrepublic.com/article/how-to-manage-outage-communications-optus-incident/