In today's interconnected world, cyber-attacks, including the devastating ransomware threat, loom large over New Zealand businesses and organisations. As technology advances, robust cybersecurity measures are vital for safeguarding against this rising menace. Among the various elements that contribute to effective cyber defense, communication stands out as a fundamental pillar.  

In the recent past, Wright Communications has worked with Delta Insurance, specialist cyber insurance lawyers, forensic IT experts, and loss adjusters on several cyber-attacks in New Zealand.  

No-one is immune. These attacks have impacted commercial operations, not for profits, business membership organisations and government ministries and agencies. 

In this blog, we will explore the importance of communications, including an Infosec Communications Plan and regular cyber-attack rehearsals, in the context of cyber-attacks and how they play a crucial role in strengthening the digital defense of New Zealand businesses. 

Rapid Response and Incident Management 

During a cyber-attack, time is of the essence. While the planting of malware may have taken place days or weeks earlier, once a system is encrypted the impact on an organisation is immediate and overwhelming.  

An Infosec Communications Plan tailored to the specific needs of New Zealand businesses outlines communication protocols, roles, and responsibilities in the event of a cyber-attack, including ransomware and other malware incidents. Such a plan ensures that key stakeholders within New Zealand organisations are informed promptly, enabling a rapid response to mitigate the damage.  

Regular rehearsals of cyber-attacks, including simulated ransomware incidents, help New Zealand businesses fine-tune their IT response and organise their communication channels, ensuring seamless coordination and quick decision-making during real-world scenarios. 

Information Sharing and Collaboration 

An effective Infosec Communications Plan developed specifically for New Zealand businesses includes provisions for information sharing and collaboration both internally and externally. In the context of cyber-attacks, it facilitates the rapid dissemination of critical information about the incident, enabling stakeholders within New Zealand organisations to take appropriate measures.  

Crisis Communication and Public Relations 

A well-prepared Infosec Communications Plan tailored to New Zealand businesses includes provisions for crisis communication and public relations strategies. During an attack, New Zealand organisations can leverage this plan to communicate with stakeholders, and the public. Clear and timely communication, combined with an established framework for public relations, helps manage the immediate crisis and minimise reputational damage.  

Cyber-attack rehearsal 

Rehearsing cyber-attack scenarios efficiently tests systems and channels, refines communication messaging, and familiarises key individuals with issues management principles. It also creates a sense of preparedness and comfort if the scenario or a similar issue were to occur. 

A comprehensive scenario rehearsal for New Zealand businesses would involve the senior leadership team, as the nominal Crisis Management Team. Key IT managers, relevant business suppliers, and relevant business partners should also participate. Wright Communications, acting as facilitator and communications advisor, supplies "role players" during the rehearsal. Our team includes former national media journalists who simulate reporters during the exercise. 

The rehearsal process involves scenario selection, participant communication, event execution with the Crisis Management Team managing the issue, a scenario playing out for one to two hours, and a debriefing to review performance, identify opportunities, and address communication and incident management gaps.  By following this structured rehearsal process, New Zealand businesses can enhance their readiness to respond effectively to ransomware attacks and other cyber threats. 

In summary, for New Zealand businesses, the rise of ransomware attacks necessitates a proactive and tailored approach to communication within organisations. An Infosec Communications Plan, combined with regular cyber-attack rehearsals, strengthens the ability of New Zealand businesses to respond swiftly and effectively to ransomware incidents.