Per CompTIA’s State of Cybersecurity 2025 report, nearly 60% of businesses reported the impact of cybersecurity incidents during the past year has been moderate to severe, with “clear downsides for both finances and productivity.”
Economic and operational harm caused by cyber incursions ranges from the costs of responding to attacks with new software, hardware and staff overtime to damages to reputation like the loss of customer confidence.
Which cyberattack vectors generate the greatest negative effects? Companies surveyed for the study told researchers that malware, ransomware and phishing are the biggest culprits.
Interpreting this feedback, CompTIA analysts noted the ironic twist to these top threats: “...Technology plays less of a role in prevention and mitigation. Instead, well-defined processes and
effective end user training are key elements in avoiding damage.”
And, the secret to managing both those measures successfully is effective communication.
Here are three tips for managing communications during a cyber crisis:
1. Create a Cyber Crisis Committee
Assemble a team that includes staff from the front lines to the executive suite – e.g., IT, legal, pr/marketing and customer service. This group will be responsible for leading communications when a cyber assault occurs, collaborating across the organization and managing all.
2. Craft a Cyber Crisis Communication plan
Your committee’s first priority is detailing all tasks and determining who handles what in the wake of an incident. Put procedures into a playbook so that, in the event key players are unavailable, other team members can substitute easily.
3. Conduct Breach Simulations
Many organizations rehearse cyber crisis response with the IT team. But not all include communications in drills. Practicing reduces tension, anxiety and potential errors.
Need help avoiding cyber crises? Call us for a
cybersecurity assessment.