Cyber Crisis Communication Plans: What Works and What Fund Managers Should Avoid (Part One of Two)

As cybersecurity breaches continue to proliferate and criminals become more sophisticated, fund managers face significant reputational and financial threats. Not every cyber incident results in a far-reaching data compromise or disclosure of confidential information, but even a small incident can erupt into a high-profile event depending on whether it becomes public. The publicity surrounding these events can escalate the problem beyond the actual breach and raise the stakes on how fund managers respond. This first article in our two-part series on cyber breach communication plans explores how to identify vital participants and their roles; details key playbook components and the benefits of advance planning; and offers guidance on how to communicate during a cyber crisis event. The second article will describe ways to coordinate with a third-party vendor; strategies for handling external communications with the media, regulators and others; and methods for overcoming common pitfalls and challenges. See “What Fund Managers Can Learn About Cyber-Breach Disclosure From Yahoo’s $35‑Million SEC Settlement” (May 10, 2018); and “Cyber Insurance Coverage, Pre-Breach Mitigation Efforts and Post-Breach Response Plans Can Reduce Harm to Fund Managers From Cyber Attacks” (Jan. 19, 2017).

To read the full article

Continue reading your article with a PELR subscription.