In one of the latest, devastating cyberattacks, more than 150 million PCs worldwide were possible targets of “WannaCrypt,” a malicious ransomware attack that targeted three Microsoft platforms that had been retired from standard support: Windows XP, Windows 8 and Windows Server 2003. On May 12, 2017, many individuals and businesses alike were affected – including thousands of PCs used by the NHS in U.K. hospitals.
From a communications standpoint, Microsoft (MSFT) was not only able to issue a timely response on the same day as the attack, but the company was also able to offer a solution – software patches to help ensure protection against the attack. Even though the three Windows versions were retired, and Microsoft only offers security updates for retired platforms as part of “custom support,” the company made the patches available to all users upon recognizing the severity of the breach and their firmly held “principle of protecting [their] customer ecosystem overall.”
The handling of this situation was a good lesson in crisis comms preparedness and response. But Microsoft isn’t the only one people are turning to for answers. For instance, patients of the U.K. hospitals that were impacted are likely demanding to know that they are safe – as are users of any other WannaCrypt-affected business.
So, what steps can other organizations put in place to ensure they can take action and communicate appropriately and effectively during times of chaos?
It all starts with putting a plan in place that gets the crisis response standardized and ready quickly. This is mainly achieved by agreeing in advance on where responsibility lies and mapping that ownership to the plan.
There are many best practices out there for what a standard crisis plan should look like, but here are five steps to always include:
1. Assign a crisis team, including media-trained spokespeople, with a list of contact information
2. Identify roles and responsibilities of the crisis team, as well as any additional resources required like a news monitoring tool
3. Know your key stakeholders, including those both internal and external to your company – and never forget your employees as primary stakeholders since they all become spokespeople and representatives of your brand in a crisis (whether intended or not!)
4. Put steps in place to be followed in the event of a crisis – from first learning about the incident, to communicating it internally, to issuing a prepared statement and position publicly, etc.
5. Organize templates for the statement and Q&A – a series of questions that make sure the key information is included and main points addressed
The crisis plan should be reviewed every 6 months to make sure contact information and resources are up to date. This saves a ton of time in the event you need to get something out there quickly.
If certain types of events are expected more than others, such as cyberattacks, downtime or outages, then you can prepare a statement in advance. These are sometimes risky, though, because if the statement doesn’t adequately address the issue, then it can do more harm than good. But it can at least provide a basis to tailor accordingly when such a situation arises.
The overall intention is to be transparent and to be consistent. If something ‘bad’ happens, the idea is not to cover it up, but to rapidly get to the best possible place given all the facts, and then consistently give the same response, so the story doesn’t continue to spin and you can maintain control. It’s not about wriggling out of the predicament; it’s about knowing your position and having everyone sing the same tune.
Once this type of plan is in place, the best simulation is to actually run a scenario where something happens and the crisis team has to kick the plan into action, finalizing the statement and issuing a response, etc., to see if it works or if anything needs to be addressed further.
Gone are the days when any company can afford to think, “this won’t happen to me.” Putting a plan in place and understanding the steps to action is crucial for every company – before the next WannaCrypt strikes.
About the Author: Meredith L. Eaton is a Vice President at March Communications, focusing on driving awareness and engagement for technology innovation brands in cloud, telco, security, infrastructure, AI and IoT markets. By aligning her clients’ business objectives with PR initiatives, Meredith has helped companies – from large, public brands to niche startups – execute business-critical, integrated campaigns to capture competitive market share and shift brand perceptions.