Crisis Communications and Incident Response in Cybersecurity, with Meredith Griffanti

Send us a text

Our guest in this month’s episode of the Cyber Insider is Meredith Griffanti, the Global Head of Cybersecurity & Data Privacy Communications at FTI Consulting. Ms. Griffanti has worked on some of the most high-profile and highly sensitive data breaches around the world and has successfully navigated responses to incidents such as business email compromise, phishing and spear phishing, DDoS, credential stuffing, nation-state, critical infrastructure and major, double-extortion ransomware attacks.

Ms. Griffanti shares her experience in navigating crisis communications, refining incident response plans and the lessons learned from some of the most high-profile breach incidents known. Our guest advises companies to think about what their worst enemy could do to them and to practice their plans more than once a year:
"So when we were thinking about responding to hundreds of media inquiries, there was no ultimate decision maker on things and eventually we got there. But those types of roles, responsibilities, escalation protocols and processes, those are the things you want to have down in your playbooks now, before an incident happens".
The conversation touches on the most common communications mistakes that companies make when facing a breach:
"We see companies prolong the news cycle by saying it was an outage and then moving to security incident, then moving to cyber attack, then ultimately ripping the band aid off and saying it was ransomware".

All this and much more is discussed in this episode of The Cyber Insider podcast by Emsisoft, the award-winning cybersecurity company delivering top-notch security solutions for over 20 years.

Be sure to tune in and subscribe to The Cyber Insider to get your monthly inside scoop on cybersecurity.

Hosts:

Luke Connolly – partner manager at Emsisoft

Brett Callow – threat analyst at Emsisoft

Intro/outro music: “Intro funk” by Lowtone.