On 13th October the iNetwork hosted a networking event “Effective cyber and crisis communications”. The event was a collaboration between the Effective Information Sharing and Security (EISS) programme and the Transforming and Innovating Public Services (TIPS) programme, and was chaired by iNetwork partnership director Shelley Heckman. The event brought together a broad range of practitioners with contrasting experiences in managing communications in both cyber and crisis situations. The varied panel consisted of, Senior Academic at the University of Liverpool, Dr Emma Moreton, Head of Communications at Redcar and Cleveland Borough Council, Chris Styles and Campaign & Engagement Manager at Greater Manchester Police (GMP), Benjamin Ashworth.

Dr Emma Moreton began the session by discussing her latest research into communicating cyber threats. The project explores how language, in the context of communicating cyber threats, has an impact on decision-making and human behaviour. The study is unique with minimal linguistic studies undertaken exploring cyber communications. The research is particularly relevant to our members as the study explores the challenges for cyber professionals in communicating risks and threats to non-expert audiences. On the other hand, the research also considers the users’ perspective in understanding, interpreting and evaluating information relating to cyber threats.

Emma explained she drew upon data from over 200 Corpus threat reports downloaded from the National Cyber Security Centre (NCSC) website. The reports in total consisted of 123,321 words which were all analysed as part of the study. Many of the reports published on NCSC were positioned at a wide readership including cyber professionals, individuals and families, large organisations, the public sector and sole traders/self-employed professionals. Following a range of focus groups, initial findings showed that reports would be better tailored to each group of readers to ensure messaging around cyber threats are fully understood. Other findings of the research found that reports had a general lack of human agency when describing cyber attacks making them difficult to relate to for certain reader groups.

Following on from Emma, the event audience heard from Chris Styles who managed the communications for Redcar and Cleveland Council when the organisation experienced a major cyber attack in 2020. Chris explained how the cyber attack, which made national news, affected the council in chronological order.

Initially, Chris explained that all staff at the council were locked out of all systems, unable to perform simple tasks such as logging on to council devices. Communications with staff were difficult as the extent of the attack and the length of time it would affect systems were unclear. In the immediate aftermath of the attack, the council acted quickly and set up an emergency centre which was active for 3 weeks. Chris explained the difficulties of ensuring key services were able to run, without being able to contact staff via the normal channels. The council had to revert back to older methods of communication, with paper briefings placed on peoples’ desks to ensure they had the most up to date information about the situation. Chris mentioned that the public, although concerned by the multiple media reports, experienced the attack very differently as the council managed to keep services running.

Once the media caught wind of the attack the attention on the council was intense, with outlets approaching staff and asking questions the council couldn’t answer. Chris explained the particulars of the attack, highlighting that it was ransomware, however, the council avoided paying the ransom and no personal data of residents was captured during the attack. Chris spoke openly about the conflict he felt around the communications around the attack, highlighting his want to be as open and transparent as possible with all stakeholders. In contrast, the council went with a different strategy and chose only to disclose key information until they understood the full details and impact of the attack.

Reflecting on the attack, Chris had five key learning points and questions for any organisation looking to increase cyber resilience or experiencing a cyber attack.

– Establish a way of making quick decisions
– Do you have a channel of communication away from your server?
– Is your website backed up?
– Focus on what is needed for your organisation
– Trust your staff

Following a short break, Benjamin Ashworth from GMP delivered an informative presentation full of tips and advice for our audience, which rounded off the session. We are now in the age of social media, Ben explained that it is important that organisations react quickly after a crisis situation and swiftly establish themselves as a trusted voice. Social media means details around an event can get distorted, it is, therefore, important organisations are on the front foot to battle false information.

Ben outlined that the public sector has certain responsibilities which they are legally bound to under the Civil Contingencies Act (CCA). The CCA outlines that the public sector has the responsibility to warn and inform stakeholders of major incidents. Ben also discussed Local Resilience Forums (LRFs) which are partnerships made up of multiple representatives from local public services, as a good mode of communicating in a crisis situation. LRFs often have processes in place for standing up multi-agency communications cells making it easier for a public sector body to be able to put out unified messages across stakeholders.

Ben provided more advice on communicating in crisis or in the aftermath of a major incident stating being active on multi-channels, engaging online without audiences and consistent messaging are particularly important with regards to communications. Ben mentioned the impact of major incidents can be felt for many years and the effects on the community don’t just go away. It is important to continue with communications highlighting updates and sensitively marking any anniversaries.

The audience of over 30 members engaged in the event through, with interesting questions and points raised in the chat over the course of the event. We encourage members to visit our website and attend more of iNetwork’s future events.