The Vulnerable State of Campaign Cybersecurity Is a Communications Lesson for All

In early August, Politico broke news that Donald Trump’s presidential campaign was hacked.

Days later, the FBI announced it was probing the intrusion and said the Biden-Harris campaign was also a potential victim. Fast forward to late August, and the FBI confirmed the Iranian regime was behind the cyber-attacks. Now, as we enter the final months of the campaign, we’re learning that foreign adversaries like China and Russia are again using cyber-attacks to meddle in the presidential election.

The Iranian hacking attempt and China- and Russia-backed online propaganda underscores the lengths adversary nation-states will go to interfere in U.S. elections. Campaign correspondence, voter information, and election infrastructure are all valuable targets.

These incidents should be a wake-up call for all organizations. Cyber criminals are in the business of preying on digital weaknesses. Whether it’s a political campaign, our financial systems, or the infrastructure that makes the world go round, all organizations are at risk.

The U.S. government, through the Cybersecurity and Infrastructure Security Agency (CISA), has developed guidelines and best practices for securing your organization’s information and infrastructure. But in the event of an attempted or successful cyber-attack, is your organization ready to answer the most pressing questions? How did this happen? Who is affected? What happens next?

Here are some ways RH can assist you:

Develop a communications plan before a cyber-attack occurs.

In today’s 24-hour news cycle, where information spreads instantly, you should be ready to quickly inform your employees, stakeholders, the media, the public, and policymakers after an attack occurs. It’s up to you and your organization to control the narrative around the hack or risk being pulled into a news cycle fueled by “unnamed sources.” Make sure your side of the story is told through a communications plan that includes:

• An external communication strategy that’s tailored to your needs and digestible to the media and consumers of their media. It should include details around all relevant communication channels and the protocols and procedures that are triggered when a crisis happens.
• An internal and stakeholder communications strategy that provides specific audiences with timely and relevant information such as details on the event itself, who or what has been affected, and your organization’s next steps. This may also include guidance to this audience about what can or cannot be shared externally. The press is resourceful, and your communications office isn’t the only source reporters will use to gain exclusive information.
• A policy audience response plan to get ahead of inquiries from policymakers. In the wake of a successful cyber-attack, state, local, and federal officials will ask questions, and if the event is significant enough, you could be called to appear before congressional committees. If that happens, your organization needs to be prepared to respond.

Does your organization need an agency partner to help prepare in the event of a cyber-attack?  Reach out to RH Strategic’s team of experts who operate at the intersection of public relations, public affairs and cybersecurity.

***

RH Strategic is a Seattle and D.C.-based PR agency with a nationwide presence and additional global reach via membership in the Worldcom Public Relations Group. We provide strategic public relations for innovators in the technology, government, healthcare, and social and environmental impact markets.