Timely communication can help address issues in real time
Is the library open? Can I renew my driver’s license? Are vendor deliveries running on time? Will voting take place as scheduled? Has my court date changed?
A key impact of the Fulton County cyberattack is the anxiety and confusion of Fulton County citizens, who learned that government promises of privacy and data security are easily breached.
Several weeks ago, lightning struck Fulton County in the form of a cyberattack in which hackers stole massive amounts of data from county files, including countless personal files covering everything from tax payments to library withdrawals.
The damage continues. For a time, tax payments were unable to be processed and more than half the government’s phone lines were inoperable. Functions are being restored, but only after weeks of uncertainty and inconvenience. In the meantime, thousands of citizens were left to wonder what went wrong and how soon it would be fixed.
The county has responded by:
Refusing to pay a ransom for the information. This decision was helped by quick action from U.S. and international law enforcement agencies which shut down LockBit, the villainous enterprise behind the attack.
Pledging to spend about $10 million to upgrade the county’s outdated computer systems.
Intending to be more direct in communicating with its inconvenienced and distressed citizens.
Now, weeks later, there are two challenges facing Fulton County: Prevent another attack in the future and prepare to better communicate with citizens when it does happen.
These challenges are not limited to Fulton County — businesses of every size, nonprofits and government agencies all must prepare for protection from cyberattacks and the communications required in the aftermath.
Effective communication is critical. Whether you’re a city council representative or a corporate CEO, the odds are high that you’re going to face a cyberattack. Communicating with your key stakeholders –– voters, customers, or employees –– is critical.
Here are three steps you can take immediately:
Recruit a senior team of key operating executives and other experts. Ask them to assess the organization’s vulnerabilities. Don’t wait until cyber-criminals leverage those weaknesses to their own advantage.
Ask the team to identify potential crisis scenarios. That exercise usually begins with questions like “What if … “ What if we lost access to delivery schedules? What if the hospital could not access patient records? What if we temporarily couldn’t invoice our customer accounts?
Draft statements for each scenario that quickly tell people what happened, what you’re doing to fix the problem, and what’s next.
Don’t wait until you're in the middle of a crisis before you think about and plan your response. Computer systems can be replaced; confidence is more difficult to restore.