The CrowdStrike Disaster: Managing Communications when the Biggest Security Story of the Year Hits
By Ben Brown, Senior Account Exec at Code Red
Friday…
By the time this day rolls around, most of us are winding down and working to tie up any of the week’s loose ends. But on the 19th of July, as I opened my laptop, it became clear that this Friday had something different in store.
As always, the first part of my day involved scanning the news for any relevant stories that my clients can comment on. Within seconds, it was impossible to miss the headlines—an IT security breach of unprecedented scale was unfolding. Even group chats from friends outside the world of cybersecurity were quick to debate what was occurring. The significance of the situation was undeniable.
Windows machines were reportedly failing to boot, with unconfirmed reports suggesting the problem lay with the CrowdStrike software. Although, at that point, it wasn’t clear whether it was a cyberattack, it was clear that this story would dominate the day’s news agenda.
As the idea of a relaxed Friday faded out of sight, the thoughts amongst our team turned to helping inform our clients about the strategies they should take and advising them of the best course of action in responding to the biggest cyber story of the year so far.
Image: Tweet from CrowdStrike’s CEO
Customised communications are key
The first step after analysing the story was to make all clients aware of what was happening. Just like most days, our role as a PR agency is to promptly inform all clients about any news breaking that is relevant to their business. Quickly, we all worked to flag the news, providing a concise overview of what had happened alongside examples of media coverage.
In cases where other vendors are involved, it’s crucial to handle the situation delicately. A story of this sensitivity requires a measured response to avoid any appearance of capitalising on another’s misfortune. Therefore, alongside our breakdown of the events, we were clear to advise a measure of restraint.
It was next important to establish each client’s preferred communication strategy for the day. Every company will have different approaches and relationships; do they want to be informed of all emerging comment opportunities? Would they prefer to remain silent? Or do they have specific material they wish to release?
This had to be established early on so that for the remainder of the day all updates that followed were timely and relevant. Understanding client preferences allowed us to tailor our communications accordingly and ensure that each client’s approach is respected and effectively managed.
Staying ahead with regular updates
With a story of such magnitude, a single notification is far from sufficient. Our responsibility extended to providing continuous, real-time updates as the story developed and gained traction.
To achieve this, our team of Account Executives maintained a vigilant watch on the media landscape, tracking coverage from national outlets to top-tier trade publications. This ongoing surveillance allowed us to identify who was covering the story, ensuring we had a comprehensive understanding of its reach and impact.
It was also crucial to monitor for any analysis or commentary offered by other vendors. Of course, this was a sensitive topic, but if any clients had expressed that they had grounds to comment, then we wanted to be sure that what we were putting out to the media was in line with the broader debate.
Here’s a short breakdown of what our process involved:
- Consistently tracking both mainstream and recognised top tier media outlets for new developments and coverage angles.
- Providing clients with frequent, concise updates on the story’s evolution, including major headlines, any new developments, and significant shifts in narrative.
- Highlighting instances where our clients can contribute meaningful insights or perspectives, ensuring they remain relevant and visible in the conversation.
It’s not over yet
Now at the start of a new week, the dust has started to settle, and the initial media storm has passed.
For us, the job isn’t over as we begin to focus on the bigger picture. Thinking ahead to how the story will progress is essential for ensuring that our clients can continue to contribute to the debate where relevant.
The breadth of sectors affected by last Friday’s breach has sparked a broader discussion about our potential overdependence on the internet and IT infrastructure.
To effectively participate in this ongoing conversation, we need to identify key themes likely to emerge, such as cybersecurity resilience in healthcare or adopting a risk-based approach to IT security. Developing targeted narratives that address specific industry concerns will showcase our clients’ insights and solutions tailored to these areas.
This forward-looking strategy will ensure our clients remain relevant and influential as the conversation around this significant IT security breach continues to unfold.