The importance of communications and transparency during a cyberattack
- Alternit One
- May 9
- 4 min read
Updated: 1 day ago
Recent high-profile cyberattacks on UK retailers, such as Harrods, the Co-op and Marks & Spencer, have highlighted the increasingly present risk of cyber threats. In the first few weeks of May 2025, these attacks disrupted supply chains and internal systems nationwide. Cyber risk is no longer just an issue hidden away with IT teams and sky-high boardrooms; it has become a widespread business challenge with significant real-world implications, including reputational damage and regulatory consequences.
This year, we have focused much of our attention on discussing the nature of cyberattacks, their growing complexity, and practical strategies for addressing them - the recent cyberattack scenario workshop at the Northern Trust Integrated Trading Solutions Summit 2025 being an example of this. At Alternit One, we believe that the most crucial factor in mitigating the impact of a cyberattack lies not in the technical aspects of your technology stack or the speed of system restoration but instead in the transparency and clarity of both your internal and external communications during and in the months following the attack.
Communications: The real frontline in your cyber resilience
In the early moments of a cyber incident, organisations understandably focus on the technical response: isolating systems, deploying patches, and establishing contingency plans. But far too often, communications are treated as a secondary concern, which is a critical mistake.
The UK's National Cyber Security Centre (NCSC) makes it clear that effective communication before, during and after a cyber incident can drastically shape public perception, regulatory outcomes, and stakeholder trust in the long term. This is non-negotiable for those in regulated sectors, particularly alternative investment firms that rely on reputation and client confidence.
The NCSC outlines three key principles for cyber crisis communication:
Prepare your strategy
Tailor your messaging to different parties
Manage the aftermath with transparency and consistency.
For our clients, who often operate with lean in-house teams, this framework is essential in building a communications playbook that works under pressure.
Why transparency matters more than ever
According to IBM's Cost of a Data Breach Report 2024, the global average data breach cost has risen to $4.88m, mainly driven by business disruption and customer attrition. Poor communications can aggravate these costs by fuelling confusion, creating gaps in stakeholder knowledge, and prompting further regulatory scrutiny. Worse still, a lack of transparency erodes trust, with silence or minimisation being perceived as dishonesty.
The NCSC and the Information Commissioner's Office (ICO) are clear: covering up a cyberattack in the hopes that it 'goes away' is counterproductive. When attacks go unreported, attackers aren't deterred; they're emboldened. Sharing up-to-date progress reports with clients and key stakeholders and later reporting on how your organisation responded within safe, non-sensitive limits contributes to sector-wide resilience and shows leadership under duress.
Communications in action: From preparation to recovery
Preparation is where effective cyber communication starts. This means having pre-approved templates for internal updates, media statements, and customer notifications. It means identifying and training credible spokespeople and understanding which channels (newsletters, social media, personally used applications or client portals) can be best used should primary systems be offline.
During an incident, clarity, timeliness, and accuracy are vital. Stakeholders, internal staff, clients, regulators, and the media will have different needs. Communicating effectively with each group requires tailored messaging that doesn't contradict core facts. According to the NCSC Guidance on Effective Communications, it's better to say, "We are investigating and will share more once verified", than to make premature assurances that could later be disproved.
Post-incident, the communication journey is far from over. Reputation repair takes time, and narratives around data exposure or service disruption may resurface months later. Ongoing updates, open channels for enquiries, and a commitment to sharing lessons learned can help rebuild trust.
The British Library's 2023 ransomware incident offers a strong example here. By publishing a post-mortem of their response, they demonstrated accountability and a willingness to contribute to collective improvement. While not every organisation will choose or be able to give this level of disclosure, it reflects the increasing expectation that leadership includes visibility.
How Alternit One supports client communication strategies
At Alternit One, we understand that technology and communications are intrinsically linked. Our expertise in unified communications, cybersecurity, and public cloud solutions enables us to help clients maintain secure, functioning communications channels even during a crisis.
Whether building out alternative communication infrastructure, supporting regulatory notifications, or preparing post-incident updates, we provide end-to-end support to ensure our clients remain credible, composed, and compliant in the face of cyber adversity.
Final thoughts
In 2025, a cyberattack is no longer a technical anomaly, it’s an operational risk that can no longer be ignored. In this new reality, how a firm communicates can be as important as how it defends itself. The imperative for regulated firms operating in high-trust environments is clear: communication is not a supporting act; it is the centre stage.
Contact us today if you'd like to find out how Alternit One can help you build a cyber-ready communications strategy.
References:
