Excellent response by British Library
This would have been a good talk to listen to at CyberUK. Roly Keating (CEO of the British Library) explaining how bringing transparency and a little emotional intelligence into their communication following a ransomware attack became very important.
Connor Jones
“We were having very strong feelings of frustration, anger, anxiety. Those feelings were shared by our staff, whose data had been lost. Our users’ data had been taken away and published. So, gradually we increased our focus on wellbeing, paying attention to how people were feeling. Keating said the BL started to adopt a more human voice, apologizing where necessary, and acknowledging the difficulty of the bouts of uncertainty that come with a ransomware recovery.”
Transparency and authenticity are incredibly important in incident response. It builds trust. You might not have an update, but if you say you’re going to update hourly then do it.
I always tried to remember I was updating people for a reason. That it wasn’t just a process to be followed. They needed to know. It was important, sometimes vital, and there was nothing they could do about it. Normal people will get anxious and frustrated at those times. Some will get angry. So communicate with them like a human being, not like a robot (or a damn politician).
Most communication in life is making a connection. It shouldn’t be neglected in these situations either.