Date: 2024-07-31

We don’t live in a perfect world, and in the chaos following an incident, there are often a lot of disagreements between what the cybersecurity team can or wants to reveal and the actual PR approach.

Disagreements often arise from the fact that these two groups may be thinking about very different audiences when refining their messages, said Melanie Ensign, Communications Strategist, Founder and CEO of Discernible, the world’s first Communications Center of Excellence focused exclusively on security and privacy teams.

“Often what I see is that the PR team is speaking about what we say to journalists or what we put on social media or on our website,” said Ensign during a phone interview. “Then we have security teams who are thinking about their peers in the industry and don’t want to be embarrassed by any information released that could be technically inaccurate.”

Having different audiences means the two distinct groups have very different goals in their outreach. The cybersecurity team is focused on the incident itself: what caused it, how to fix it and how to keep it from happening again. The overall team goes into action to mitigate and remediate the problem as soon as possible.

The PR team’s job is to manage the damage and present things in a positive light in a worst-case scenario. They are the people pressured for an instant response, Ensign explained, and are expected to say things that will make customers happy and are often pushed into making it appear that everything will be fixed quickly.

This is when the disagreements happen. Both sides are doing their jobs, but cybersecurity teams think that PR teams raise expectations about solutions and that the comments aren’t as detailed or technical as the cybersecurity team would like them to be. This can be confusing to customers who are seeing one set of comments from PR but are hearing something different from the cybersecurity team.

On the other hand, the cybersecurity team’s concern around a cyber incident is concentrated specifically on the incident itself. The PR team has to look at and communicate the bigger picture. Data breaches, ransomware attacks and DDoS attacks result in downtime for the organization. PR professionals are tasked with being the calming voice when a hospital is offline for hours or days at a time. They are the ones who have to balance communications around financial losses, details about compromised data and any legal issues.

Again, as Ensign pointed out, the biggest conflict between the two groups is different sets of end goals and the time frames for releasing different types of information.