“Being prepared is preventive medicine.” Putting this principle in practice can help you stay calm and composed even during times of crisis, such as a cyber emergency. Cyberattacks have become more common and pernicious. It would be wise for healthcare organisations to prepare for one in advance so they arent scrambling last minute and make matters worse. A cyber emergency management plan need not come in thick three-ring binders. They pretend to be comprehensive but are usually ineffective because no one reads them, says Eden Gillott, president of a strategic communications and reputation management firm. She is the author of A Board Members Guide to Crisis PR. Gillott says a concise plan based on these “simple concepts” could help make a cyber crisis less terrifying. 1) Build a team. Select people who are good at dealing with a crisis. It only gets worse during an actual crisis, and you need your strongest people watching your back. Besides in-house staff, youll need: an outside attorney who specialises in privacy and cybersecurity (laws and requirements are constantly evolving); an IT security consultant (your own IT department may not be as familiar or comfortable dealing with such matters); and an insurance agent whos familiar with your cyber insurance policy. 2) Create an action plan. You really cant know what to say until an event happens. But you can understand the broad rules and messaging: Reassure. Dont alarm. Never let the public see youre nervous. Demonstrate youre in control by avoiding cookie-cutter statements which are perceived as insincere and weak.

Source: Click here