Founded on the company’s extensive expertise in security research and crisis communications, this new offering includes training sessions and tailored workshops for information security leaders and corporate communications teams. It also provides employees with efficient operation security tools for communication security and encryption as well as best practices to handle communications internally and externally while an organization is under attack.
The consequences of a data breach can be devastating for businesses, with the average financial impact costing enterprises an estimated $1.23 million in 2018. This includes around $132,000 of costs associated with the additional public relations activities required to recover brand reputation. Additionally, only 47% of Chief Information Security Officers (CISOs) regularly collaborate with their corporate communication departments [1], which can impact an effective communications response in the case of an incident.
Kaspersky’s expertise in incident communications comes from an advanced attack on the company’s own internal networks dubbed Duqu 2.0. At the same time as the Global Research and Analysis Team (GReAT) was conducting their threat investigation, the corporate communications team was working alongside their efforts to develop internal and external messaging to effectively communicate to employees and customers in order to prevent misinformation on the attack.
“It is not unusual for people from corporate communications and IT security teams to work in the same enterprise, but not know each other personally,” said Alejandro Arango, global director, corporate communications at Kaspersky. “The heightened threat of cyberattacks has changed this dynamic, with IT and communications departments needing to work closely together to minimize damage and disruption. However, it can be a challenge for large corporations to bring these representatives together to cooperate, and even if it does happen, they may not understand each other as they speak different business languages. That’s why it is essential to prepare for such cases in advance, to know who should be involved, what their role is and which tools and processes should be in place.”
The Kaspersky Incident Communications service has already received interest from a number of organizations, including the Ministry of Internal Affairs of Serbia, which requested support for its process of disclosing information about cybersecurity incidents as well as a series of Kaspersky Incident Communications training sessions in June 2019.
“Communication to the public about major cyber incidents is crucial, especially for government organizations, because we collect and store data from our citizens,” explains Nebojsa Jokic, head of CERT, Ministry of Interior, Serbia. “Any doubt in our ability to protect private data could impact our reputation and reduce trust in the Ministry and other government services. If incidents do occur, timely and meaningful communication to the public will prevent rumors and disinformation.”
Standard Versus Premium Offering
The service is available in two versions, Standard and Premium. The Standard package provides the foundation needed to build and activate an effective communications plan in the event of a cyberattack. It consists of the following elements:
Overview of the threat landscape aimed at helping corporate communications teams understand the difference between malware, ransomware, APTs and unknown cyberattacks as well as how each can affect corporate reputation.
Deep dive into prior experience in which Kaspersky’s own corporate communication team responded to the Duqu 2.0 incident.
Operational security essentials to provide communications professionals with technical toolkits that can be used for encrypting messages, calls and emails, as well as tips on how to effectively cooperate with IT security and incident response teams.
For customers looking for more advanced knowledge specific to their needs, Kaspersky offers a Premium package which includes the following elements in addition to the Standard package:
Pre-workshop audit of existing incident management plan, organizational structure and reporting lines conducted in cooperation with the executive responsible (typically the CISO and chief communications officer).
Deep dive talk on cyber threats that are particularly relevant for a specific company based on its industry, region and size.
Scenario-based war room with practical exercise to help understand which communications assets and processes should be developed as a part of the communications plan.