Marina Mara, International Media, Brand, and Reputation Advisor, recently spoke at the Thomson Reuters industry event entitled ‘Cybersecurity & Breach Response Bootcamp’ about the critical role executives play in steering the narrative and preserving trust when cyber incidents strike.
Drawing from two decades of experience in high-stakes communications, Marina shares how to lead the public-facing response with clarity, credibility, and confidence, ensuring that reputational risk doesn’t become a second crisis.
What is a cyber crisis?
A cyber crisis is not merely an IT concern but an executive-level threat with the potential for PR catastrophe. A single breach can erode investor confidence, cause customer attrition, and thrust an entire leadership team into the spotlight. Reputations can crumble at the speed of a tweet.
CEOs and senior decision-makers can no longer afford to treat cybersecurity as a technical function—it’s a business continuity threat, a trust crisis, and, above all, a reputational reckoning. It’s not a matter of if, but when. And when it happens, your response’s speed, clarity, and strategic precision will define your company’s legacy for years to come.
The CEO’s role in a cyber crisis
A breach doesn’t just expose technical weaknesses; it reveals cracks in leadership. The world isn’t just watching how quickly your IT team patches the system; it’s watching how you, as the face of the company, respond under pressure. The wrong response—or worse, no response—can inflict long-lasting damage. Silence invites speculation, and delay signals instability. Defensiveness raises red flags.
What you need to remember is that customers expect transparency. Investors demand stability. Regulators require accountability, and in the end, the media will define the narrative—unless you do it first.
Why many companies fail
A cyber crisis is not the time to improvise; it’s a high-stakes stress test for leadership. Yet, too many organisations unravel under pressure due to fragmented messaging, siloed teams, overly legalistic statements, and reactive decision-making that amplifies confusion rather than containing it.
What often begins as a technical breach quickly metastasises into a reputational crisis, not because of the incident itself, but because of how it’s handled. Inconsistent internal alignment, a lack of pre-approved messaging, and unclear roles lead to paralysis. The result? Public silence, media speculation, and stakeholder mistrust.
This isn’t just a PR misstep—it’s a reputational time bomb. And in today’s hyper-connected media landscape, the fallout doesn’t stay confined to the IT department; it plays out across newsfeeds, boardrooms, and share prices in real time. The companies that fail aren’t necessarily the ones that get breached—they’re the ones that lose control of the narrative.
The playbook for reputational survival
Contrary to popular belief, crisis communications isn’t about spinning a story; it’s about controlling the narrative before it controls you. The foundation is preparation, not a theoretical document gathering dust, but a living, rehearsed, and leadership-approved plan. Without a plan, even seasoned leadership teams risk hesitation, internal conflict, and reputational freefall.
In the heat of a breach, clarity doesn’t emerge; it must already exist.
Speed is leverage
The first 24 hours shape the entire trajectory of the crisis. That doesn’t mean issuing a rushed statement; it means having a high-integrity holding message ready to go. Delays create a vacuum, and vacuums are often filled by speculation and misinformation.
Alignment is non-negotiable
In a cyber crisis, disjointed voices from legal, IT, comms, and leadership don’t just create confusion; they undermine trust. Stakeholders expect clarity and cohesion, and anything less signals internal instability.
Execution beats reaction
Crisis-ready leaders don’t scramble; they execute. In the pressure cooker of a cyber breach, instinct isn’t enough. What separates resilience from reputational collapse is a well-rehearsed protocol that’s already been stress-tested behind closed doors. Reaction is emotional. Execution is operational.
When leaders have clarity on roles, messaging, and next steps, they project stability and control—two critical currencies in a trust crisis. It’s not about thinking fast; it’s about thinking ahead.
The human element
Corporate jargon won’t calm a panicked public. In moments of uncertainty, people want to hear from a strong and reassuring spokesperson with a human voice, not a legal team. We’re seeing a surge in what senior PRs call the ‘non-apology apology’—a statement that ticks compliance boxes but feels hollow. Often written by committees or lawyers, these responses fail to resonate because they lack ownership and emotional intelligence.
In addition, many CEOs avoid apologising altogether. They’ll discuss corrective action, but struggle to express genuine remorse, when a well-delivered, authentic apology can demonstrate strength, compassion, and control.
Deconstructing crisis messaging
A cyber crisis involves two simultaneous challenges: the technical fix and the public perception. Often, the latter has the longest-lasting impact.
Transparency matters
Generic statements like “We take cybersecurity seriously” no longer cut it. Stakeholders need clarity, specificity, and timely updates.
Framing is everything
Compare “We regret this incident” with “Here’s what we’re doing to protect you.” One is vague, the other builds trust.
Own your narrative
In a vacuum of information, misinformation thrives. The faster and more clearly a CEO steps forward, the more stability they signal.
Key takeaways:
- You must establish a crisis chain of command
- Embed simulations into executive training
- Pre-approve holding statements
- Align internal and external messaging
- Use plain, sincere language over PR or legal speak
From crisis to comeback
The breach may be contained, but the reputational fallout can last months or years.
The mistake many companies make is assuming the crisis ends once the media cycle moves on. But the real scrutiny begins in the aftermath. Customers remain skeptical. Investors quietly reassess. Journalists monitor for any slip that could reignite the narrative. But resilient organisations don’t go silent; they show evolution. They publicly share what they’ve changed, what they’ve learned, and how they’re preventing a recurrence.
Mastering crisis leadership
For CEOs, CTOs, and senior communicators, the question isn’t if a crisis will strike—it’s how prepared they’ll be when it does. Crisis preparedness must be embedded into the executive culture, not activated as a last resort. That includes scenario planning, message training, and reputation risk mapping.
When the pressure mounts, your firewall can only do so much. It’s your leadership that will define the outcome.