Crisis Comms & Public Relations after a Cyber Security Incident

Course Overview

A one day non-technical course, aimed at preparing organisations to manage their crisis communications and Public Relations after a cyber security incident. The course is aimed at both communications and PR professionals, as well as crisis, resilience and business continuity professionals.

The Crisis Comms & Public Relations after a Cyber Security Incident course will teach participants how to understand the requirements of responding to a cyber incident and how to develop appropriate communications under the particular circumstances of a cyber incident. Topics include cyber risk assessments, crisis response hierarchy and working with CIRT teams and learning from other organisation's communications' successes and failures.

This Crisis Comms & Public Relations course can be run in-house at your premises or it can be delivered live online.

"Thankfully, we now live in a world where it is accepted that data breaches happen and organisations are more comfortable disclosing that they have been victim to an attack. However, with this welcome move away from victim blaming, organisations are now being judged more on how well they manage a breach.” - Brian Honan, Computer Weekly

If you are interested in arranging this course for your workplace call:
UK 01253 542650
Rest of world +441253542650

What's included?

  • Course slides and notes
  • Certificate of attendance
Back to top

Details & Programme


Course Overview and Introductions

Module 1 – Introduction to Cyber and the Threat Landscape

  • What are the possible types of cyber attacks?
  • Double and triple ransomware attacks
  • Good & poor communications and PR practice examples in response to cyber incidents

The above points will be illustrated by a number of case studies.

Module 2 – Understanding your organisation’s threats, level of preparation and impacts if an attack were to occur

  • What are the particular threats to your organisation?
  • How to understand the impact of a cyber incident
  • Cyber security standards and what you have in place
  • Data risk assessment - what you have to lose and the consequences if there is a data breach

Module 3 – Crisis Communications Response Framework

  • Roles and responsibilities of Communications and PR during cyber incidents
  • Communications role within a CIRT
  • Coordination of internal and external communications

Module 4 – Communications Response Strategies

  • Low profile and maximum exposure communications strategies - what has worked and what has not
  • The benefits and downsides of each communications channel
  • Responding on a full ransomware lockout when channels and information may not be available to responders
  • Preparation for a cyber incident, including website preparation and providing information to stakeholders

Module 5 – SEPA Case Study

  • Learning from the SEPA cyber incident of Christmas 2020, including a review of external communications

Module 6 – Stakeholder Identification and Regulatory Reporting

  • Identifying the stakeholders which need to be communicated with under different scenarios
  • Statutory and regulatory reporting
  • Requirements and timings for reporting to the ICO
  • Development of an effected stakeholder communications plan in response of ICO reporting requirements

Module 7 – Developing Lines to Take and Responding During a Cyber Security Incident

  • Developing lines to take in response strategies and writing internal communications statements
  • Use of appropriate language and terms
  • Framing your response
  • Explaining ransomware pay or not to pay decisions
  • Identify appropriate support to be offered to those effected
  • Exercise to practice skills leaned

Final Quiz and Feedback

  • Final quiz to check understanding
  • Debrief of the course
  • Actions and next steps

Duration and Cost

The duration of this Crisis Comms & Public Relations after a Cyber Security Incident training is 1 day and up to 12 people can attend one course.

The cost of this course is £4,950 for 1 day and £3,950 for subsequent days, plus tutor expenses if delivered face-to-face. Bespoke work may incur additional costs.

Back to top

Course Benefits

  • Know what actions you can take now to ensure that you are prepared
  • Communication with stakeholders will define your organisation's success or failure during a cyber incident
  • Avoid making the same communication mistakes other organisations have made responding
Back to top

Who Should Attend?

  • Communications and PR professionals
  • Crisis, risk and business continuity practitioners
Back to top


“What a thoroughly useful course this proved to be. The course was pacy enough to maintain interest, yet there was plenty of time to discuss aspects of the course that we needed more insight into. The team learnt so much and feel ready and fully equipped for any eventuality.”

Chantelle Binley
Next Plc

Overall course rating: 10/10


Back to top

Sign-up to our newsletter

We value your privacy

We use cookies to enhance your browsing experience, serve personalised ads and understand how our website is used. By clicking "Accept All", you consent to our use of cookies. Our cookie policy