{"id":225823,"date":"2026-06-04T05:30:00","date_gmt":"2026-06-04T09:30:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/04\/how-businesses-can-prepare-for-a-cybersecurity-crisis\/"},"modified":"2026-06-04T05:35:08","modified_gmt":"2026-06-04T09:35:08","slug":"how-businesses-can-prepare-for-a-cybersecurity-crisis","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/06\/04\/how-businesses-can-prepare-for-a-cybersecurity-crisis\/","title":{"rendered":"How Businesses Can Prepare for a Cybersecurity Crisis"},"content":{"rendered":"

How Businesses Can Prepare for a Cybersecurity Crisis<\/a><\/p>\n

https:\/\/www.infosecurity-magazine.com\/news\/infosecurity-europe-cybersecurity\/<\/a><\/p>\n

Publish Date: 2026-06-04 05:30:00<\/a><\/p>\n

Source Domain: www.infosecurity-magazine.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. The nature of the modern digital ecosystem means the probability of an organization falling victim to a cyber-attack is high.<\/p>\n

However, just because the organization has been hit by a cyber incident, that does not mean that the reputation of the business – or the emotional wellbeing of the staff – needs to suffer<\/p>\n

There are steps which cybersecurity and business leaders can take to clearly communicate what has happened during an incident and outline the action\u00a0 being taken to restore services to normal, to both internal and external stakeholders.<\/p>\n

Key to that, according to senior cybersecurity leaders who have hands-on experience with reacting to major cyber\u00a0incidents, is to ensure that the business has a strategy playbook in place which leadership can apply in the worst-case scenario.<\/p>\n

The advice was given at Infosecurity Europe 2026 on June 3, during a keynote session, titled \u2018Crisis Communications \u2013 Contingency Plans to Put in Place Now.<\/p>\n

What to Put in a Cybersecurity Crisis Playbook: What? Who? How?<\/p>\n

Nicola Hudson, partner and global cyber practice co-lead at Brunswick, whose was preciously director of policy and communication at the National Cyber Security Centre (NCSC), noted that a great playbook is not a hundred pages long, but instead concise and focused on three key components.<\/p>\n

“One: What type of crisis are you dealing with? Two: Who are you going to have in the room,\u201d she said.\u00a0\u201cAnd three: Understand responsibilities and trust each other, everyone needs to know what they are doing, no second guessing or getting angst ridden when you are tired and four days in.”<\/p>\n

These three pillars can help set the tone for the rest of the crisis. Dealing with a cybersecurity incident is\u00a0difficult, but can be\u00a0made harder because in addition to being a stressful, high-pressure situation, decisions have to be made, even if only small amounts of incomplete information is available.<\/p>\n

Ashish Shrestha CEO of Zyn Global and former group CISO of Jaguar Land Rover (JLR) said, \u201cPlaybooks don\u2019t fail because of technology, they fail because reality doesn\u2019t follow a script.\u201d\u00a0<\/p>\n

\u201cIn the war room, you have immense pressure building. The Information coming to you is not just changing in minutes, sometimes it\u2019s contextless and in fragments. That is the leadership moment: how do you take those fragments of data and start correlating the next steps,\u201d he added.
\nManaging People During a Technology Crisis Essential\u00a0<\/p>\n

Cybersecurity leaders must remember that dealing with a cybersecurity incident is not just a technical problem, humans and the communications strategy around people need to be managed too.<\/p>\n

Who is involved in the response? Who is responsible for what tasks? Who has the authority to make decisions? An organization will have less challenging time dealing with the chaos of responding to an incident if it sets out the structure for this in advance. Especially around internal and external communication<\/p>\n

\u201cWhat survives is your process. Who is doing what? How ae you going to do it?\u201d said Hudson.<\/p>\n

\u201cWhat doesn\u2019t survive in communications is a playbook with every statement you want to do. You have no idea what\u2019s going to happen or what the threat actor will do,\u201d she explained, adding that this is particularly the case if the attacker is in the orgnaization’s network or trying to exert pressure with demands and threats.<\/p>\n

\u201cIt\u2019s a live crisis communications playbook and you are tweaking it as you go along,\u201d Hudson added.<\/p>\n

It is not just external communications and expectations management which cybersecurity and business leaders need to consider. Following an incident, they must also take care to manage the needs and anxieties around their own staff.<\/p>\n

For Shrestha, that comes down to insisting that the cyber responders are given the downtime required to stay fresh when dealing with an attack.<\/p>\n

\u201cYou need to understand how long people have been working. People get tired. Have you practiced that in your playbook? How will you document that,\u201d he said.<\/p>\n

\u201cMake sure they eat well. Make your they have a hotel to stay in. Make sure they have time to go home! These are things you need to bake into your human side. We had a roster than said you are staying offline at this time,\u201d Shrestha said, referring to dealing with the\u00a0major incident involving JLR in 2025.<\/p>\n

\u201cIt\u2019s an ultra-marathon so you need resilience,\u201d he added.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

How Businesses Can Prepare for a Cybersecurity Crisis https:\/\/www.infosecurity-magazine.com\/news\/infosecurity-europe-cybersecurity\/ Publish Date: 2026-06-04 05:30:00 Source Domain:…<\/p>\n","protected":false},"author":1,"featured_media":225824,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/assets.infosecurity-magazine.com\/webpage\/og\/3bfd3285-2aa6-4aa0-8b16-e05b38a00be6.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,34],"class_list":["post-225823","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-threat-actor"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225823"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=225823"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225823\/revisions"}],"predecessor-version":[{"id":225826,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/225823\/revisions\/225826"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/225824"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=225823"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=225823"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=225823"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}