According to ALSO Chief Customer Officer Mark Appleton, businesses must overcome communication roadblocks in cybersecurity.
Appleton said that elevating communication can help businesses fortify their security posture.
“A cyberattack has the potential to impact every aspect of the organisation and make customers question the services and control they have over their security,” said Appleton.
“The latest Cyber Security Breaches Survey revealed that a staggering 78 per cent of businesses lacked a formal incident response plan, so it’s not surprising that over half of UK businesses experience a breach once a month. This underpreparedness puts customers, employees, and stakeholders all at risk.”
However, maintaining effective cybersecurity is not simply an IT concern—it is also a communication concern. Employees and IT leaders must be able to align business goals with cybersecurity strategy, which all starts with addressing communication challenges.
“Communication is just as vital to cybersecurity as every other business function. An inefficient communication system can cause delays and miscommunication, resulting in greater data and financial loss. Businesses must better bridge the gap between cybersecurity and communication to prepare themselves in the event of an attack,” he said.
To heal these issues, it’s important to form a culture of clarity across the organisation regarding the steps taken and embed these communication guidelines into risk management plans.
“With the trust of stakeholders and customers on the line, risk management and crisis plans are necessary to establish a protocol in the event of a data breach. However, consistently communicating through these reaction plans relies on strong internal rapport,” Appleton said.
“The quality of communication in these incidents will heavily influence the outcome of the attack and whether businesses can minimise the long-term effects. Suppose IT leaders can seamlessly integrate cyber communication into risk management. In that case, it fosters a culture of shared responsibility where everyone understands their role in mitigating risks and protecting the business’s assets.”
“These response plans should outline clear procedures for responding to cyber incidents with defined roles for key stakeholders, IT teams, and senior management. This ensures there is no uncertainty regarding guidelines for responding and communicating in a cyberattack crisis, paramount for mitigating the overall impact of cyber risks.”
Appleton said that selecting the appropriate partners to recognise the characteristics of a robust security profile and identify any potential risks is paramount to business security.
“Many IT leaders believe that their business will be secure if they spend enough money on their technology resources. While this certainly helps mitigate risks, poor communication and lack of cohesion between team members can be significant barriers. Without the right systems to use these resources and manage the communication process through a cyber attack, this investment is fruitless,” he said.
“Suppliers and vendors possess substantial knowledge and resources to safeguard business data and can act as vigilant observers and facilitators. Vendors can oversee critical aspects, detect potential issues with cybersecurity, and promptly report to the appropriate teams,” Appleton said.
He said that if the reporting process was swift, the types of attacks would likely be resolved faster.
“Through regular updates on system health and any potential vulnerabilities recognised, vendors can provide immediate notice of the nature of the incident, actions taken, and recommended further steps for IT leaders to secure their network. As such, responses are prompt and coordinated. Working as a unit allows for agility and adaptability to these situations, leading to faster resolutions.”
Mark said, “Without proactive measures, cybersecurity’s communication problem will only worsen. By strengthening business communication and normalising threat mitigation as a process that everyone can participate in, risks can be efficiently managed.
