Simulate a press conference relating to a public hack where personal information and credit card data was released and included the following information:
1. Introduction and description of your crisis including which stage of the crisis the press conference is taking place in.
2. Description of how you will handle a press conference, including what types of media will attend, who will manage the start and finish of the conference, and who will be the designated spokesperson.
3. Draft a statement that the spokesperson will present.
4. Draft three trick questions that the reporters may potentially ask in this particular situation, and provide your answers to those trick questions.
I have provided an outline for you. You should review it, add to the outline to meet the demands of your class and information required.
On Tuesday, May 23, 2017, the company suffered a breach of it's security when a regularly scheduled update of systems caused a short term failure in the firewall on the corporate server. As a result, personal information about clients and suppliers was potentially hacked by outside entities. As such, we are making arrangements to meet with members of our board, employees, and the business and national press to inform them of our conclusions, the unknowns, and our current strategies for review and process adjustments to lower risks of this type of event happening in the future.
Our IT department and security departments have been working to identify the severity of the problem, both from our company's assets and our client and supplier assets. We take identity theft seriously. We have in place, a strong risk review policy and our IT workers identified within seconds the breach that was occurring. Immediate steps were taken to limit potential damage and stop the incursions along with preventing other breaches. The firewall issues were fixed and the proper security restored. Security immediately began the process of notifying everyone who had information directly or indirectly at risk. The information and logs of the breach were turned over to the appropriate authorities within one hour of the breach. Cooperative working information exchanges were established with those authorities.
An outline of a press conference about a security issue or hack.