Master Your Security Incident Response Communications Program

Prepare to maintain the trust and confidence of your stakeholders when things go wrong.

If you're already a member, click here to log in.

Major Business Pain Points

  • When a significant security incident is discovered, usually very few details are known for certain. Nevertheless, the organization will need to say something to affected stakeholders.
  • Security incidents tend to be ongoing situations that last considerably longer than other types of crises, making communications a process rather than a one-time event.
  • Effective incident response communications require collaboration from: IT, Legal, PR, and HR – groups that often speak “different languages.”
Master Your Security Incident Response Communications Program-Pain Points


Key Points

  • There’s no such thing as successful incident response communications; strive instead for effective communications. There will always be some fallout after a security incident, but it can be effectively mitigated through honesty, transparency, and accountability.
  • Effective external communications begin with effective internal communications. Security Incident Response Team members come from departments that don’t usually work closely with each other. This means they often have different ways of thinking and speaking about issues. Be sure they are familiar with each other before a crisis occurs.
  • You won’t save face by withholding embarrassing details. Lying only makes a bad situation worse, but coming clean and acknowledging shortcomings (and how you’ve fixed them) can go a long way towards restoring stakeholders’ trust.
Master Your Security Incident Response Communications Program-Recommendations


  • Effective and efficient management of security incidents involves a formal process of preparation, detection, analysis, containment, eradication, recovery, and post-incident activities: communications must be integrated into each of these phases.
  • Understand that prior planning helps to take the guesswork out of incident response communications. By preparing for several different types of security incidents, the communications team will get used to working with each other, as well as learning what strategies are and are not effective. Remember, the communications team contains diverse members from various departments, and each may have different ideas about what information is important to release.

Methodology and Tools

Executive Brief

Read the concise Executive Brief to find out why you should implement a security incident response communications plan and review the methodology.

  • Master Your Security Incident Response Communications Program – Executive Brief
  • Master Your Security Incident Response Communications Program – Phases 1-2

1. Dive into communications planning

This phase addresses the benefits and challenges of incident response communications and offers advice on how to assemble a communications team and develop a threat escalation protocol.

  • Master Your Security Incident Response Communications Program – Phase 1: Dive into Communications Planning
  • Security Incident Management Plan

2. Develop your communications plan

This phase focuses on creating an internal and external communications plan, managing incident fallout, and conducting a post-incident review.

  • Master Your Security Incident Response Communications Program – Phase 2: Develop Your Communications Plan
  • Security Incident Response Interdepartmental Communications Template
  • Security Incident Communications Policy Template
  • Security Incident Communications Guidelines and Templates
  • Security Incident Metrics Tool
  • Tabletop Exercises Package

All resources on this page are provided to Cyber Leadership Hub members under license from third parties including Info-Tech Research Group Inc, a global leader in providing IT research and advice.