{"id":3315,"date":"2025-05-26T07:00:00","date_gmt":"2025-05-26T07:00:00","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=3315"},"modified":"2025-05-26T07:00:00","modified_gmt":"2025-05-26T07:00:00","slug":"the-7-unwritten-rules-of-leading-through-crisis","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=3315","title":{"rendered":"The 7 unwritten rules of leading through crisis"},"content":{"rendered":"
\n
\n
\n
\n
<\/div>\n

Virtually all enterprises have some form of crisis management plan in place. Yet simply creating a crisis management program isn\u2019t enough. What\u2019s often more important are the unwritten rules that help ensure the program is executed effectively when crisis hits.<\/p>\n

Whether you\u2019re facing a data breach, a production outage, or a cloud misconfiguration gone wrong, how you manage a crisis can make or break the trust in your team and your technology, says Trevor Young<\/a>, chief product officer at cybersecurity technology and services provider Security Compass. \u201cI\u2019ve seen how critical crisis management is across all domains \u2014 especially as systems become more complex and threats more dynamic.\u201d<\/p>\n

But no matter how comprehensive and detailed your organization\u2019s crisis management<\/a> plan is, it won\u2019t go smoothly under duress if you can\u2019t lead through crisis. Here are seven fundamental rules for navigating your organization out of a bad situation quickly and with minimal damage.<\/p>\n

Rule 1: Resilience requires calm \u2014 but not silence<\/h2>\n

Your first move shouldn\u2019t be panic-fixing everything in silence, Young says. \u201cYou need to let people know what\u2019s going on, including your team, your leadership, and sometimes even your customers.\u201d Keeping everyone in the loop calms nerves and builds trust.<\/p>\n

Silence makes everything worse, Young warns. When people aren\u2019t sure what\u2019s happening, they assume the worst. \u201cThis leads to confusion, bad decisions, and a lot of finger-pointing,\u201d he explains. \u201cOffer clear, honest updates \u2014 even if you don\u2019t have all the answers \u2014 and keep everyone focused and working together.\u201d<\/p>\n

Rule 2: A proactive mindset sets the stage for collective learning<\/h2>\n

Confusion is contagious. \u201cProviding clarity about what\u2019s known, what matters, and what you\u2019re aiming for, stabilizes people and systems,\u201d says Leila Rao<\/a>, a workplace and executive coaching consultant. \u201cIt sets the tone for proactivity instead of reactivity.\u201d<\/p>\n

Simply treating symptoms will make the problem worse, Rao warns. \u201cMisinformation spreads, trust erodes, and well-intentioned responses become counterproductive.\u201d<\/p>\n

Crisis is complexity on steroids, Rao observes. \u201cWhen we center people, welcome multiple perspectives, and make space for emergence, we move from crisis management to collective learning.\u201d<\/p>\n

Rule 3: Communication makes teams solution-oriented<\/h2>\n

Whether it\u2019s a service outage, security incident, or delivery delay, a closed-door response breeds mistrust, says Antony Marceles<\/a>, a technology consultant and founder of software staffing firm Pumex. \u201cThe faster you acknowledge an issue and lay out next steps, the more credibility you\u2019ll preserve, even if the situation itself is still evolving.\u201d<\/p>\n

Implementing openness requires building muscle before the crisis hits, Marceles says. \u201cAt Pumex, we\u2019ve created internal escalation protocols, client communication templates, and even dry-run drills for different types of incidents,\u201d he says. \u201cWhen the pressure is on, the last thing you want is having to figure things out on the fly.\u201d Marceles adds that loss of trust is the biggest risk. \u201cIn the services industry, once that\u2019s gone, it\u2019s incredibly hard to earn back.\u201d<\/p>\n

Transparent communication not only calms nerves, but it also positions your team as trustworthy and solution-oriented, Marceles says. \u201cIt creates space for collaboration instead of blame.\u201d He recalls that early and honest communication during a recent vendor-related outage actually strengthened one client relationship. \u201cThat\u2019s because we were upfront, responsive, and visible throughout.\u201d<\/p>\n

Rule 4: Transparency and head-on response foster much-needed trust<\/h2>\n

Immediate transparency and rapid, informed response form the cornerstone of successful crisis management, says Hiren Hasmukh, CEO and founder of IT asset management technology provider Teqtivity.<\/p>\n

You can\u2019t hide from a crisis, and attempting to do so only compounds the damage, Hasmukh warns. \u201cClear visibility into what happened allows you to respond effectively and maintain stakeholder trust during challenging times.\u201d Organizations that delay acknowledging issues inevitably face greater scrutiny and damage than those that address situations head-on.<\/p>\n

Trust is incredibly fragile during a crisis, Hasmukh observes. Competitors are watching how you respond in difficult moments, he notes. \u201cThese situations define your company\u2019s character more than the good times do.\u201d Transparency demonstrates integrity while also providing the information needed to address the situation properly.<\/p>\n

Ensure that your teams have the tools needed to quickly gather accurate information about your environment, Hasmukh advises. \u201cMost important, build a company culture that values honesty.\u201d When a crisis strikes, people fall back on established communication patterns. \u201cYour response will naturally align with best practices if those patterns already include transparency.\u201d<\/p>\n

Rule 5: Stressed teams seek strong leadership<\/h2>\n

In a crisis, the team will always follow the tone and behavior of the CIO, says Matthew Oleniuk<\/a>, an independent project risk analyst. \u201cBeing calm and credible at the outset of the crisis will set the stage for successful tactics later.\u201d<\/p>\n

If there\u2019s no trust in the leader\u2019s decision-making stability, panic will fill the gap, Oleniuk states. Team members will then select their own priorities. \u201cMisinformation will spread, and \u2026 confusion will take hold of the entire department.\u201d All these factors will lead to a second internal \u2014 and perhaps even more extreme \u2014 crisis.<\/p>\n

People won\u2019t trust the crisis playbook unless they trust the voice delivering it, Oleniuk says. Even the best teams may collapse under poor, in-the-moment crisis leadership.<\/p>\n

Rule 6: Prepared organizations execute better under pressure<\/h2>\n

Know who will do what before a crisis hits, recommends Nick Nolen<\/a>, vice president of cybersecurity strategy and operations at managed cybersecurity provider Redpoint Cyber. In other words, you don\u2019t want to face figuring out your chain of command while the clock is ticking.<\/p>\n

\u201cThe best teams don\u2019t just have a plan \u2014 they know the plan, practice it, and trust each other to execute under pressure,\u201d Nolen says. When things go sideways, clarity is everything. \u201cConfusion burns time,\u201d he adds. In security, time is money, reputation, and, in many instances, compliance. \u201cA clear playbook and defined roles reduce the noise and help teams act with focus.\u201d<\/p>\n

Keep the plan simple and make it a routine, Nolen suggests. \u201cAssign roles clearly, revisit them often, and practice regularly.\u201d Full tabletop exercises<\/a> are great, but even a quick \u201cwhat-if\u201d discussion in a weekly meeting can build muscle memory. \u201cI\u2019ve seen teams freeze or trip over each other because no one knew who had the authority to act.\u201d The resulting delay then opens the door to greater damage, miscommunication, and even negative regulatory consequences. \u201cYou only get one shot to respond well; don\u2019t waste it trying to figure out who\u2019s in charge.\u201d<\/p>\n

Crisis response is a team sport, Nolen states. Tools help, but people make or break the outcome. \u201cGive your team clarity,\u201d he observes. \u201cGive them training and, most important, give them the confidence that when they act, leadership will provide support.\u201d<\/p>\n

Rule 7: Intelligence is an essential asset under duress<\/h2>\n

Act with intelligence, not just urgency, advises Jawahar Sivasankaran<\/a>, president of cybersecurity management service provider Cyware. \u201cThis means that decisions made during a crisis must be grounded in real-time contextualized threat intelligence that feeds directly into automated or semi-automated response mechanisms,\u201d he says, by way of example.<\/p>\n

Acting without intelligence inevitably leads to missteps \u2014 whether it\u2019s activating the wrong response plan or missing key indicators of potential compromises, Sivasankaran says. For example, a threat intelligence management platform, integrated with case management rules, will ensure clarity, precision, and speed, he explains. \u201cIt also enables teams to take informed actions that enrich cases with tactical, operational, and strategic intelligence in real-time.\u201d<\/p>\n

Sivasankaran recommends integrating cyber threat intelligence into incident response and case management workflows. \u201cBuild automation rules that map enriched threat intelligence to the appropriate playbooks \u2014 prioritized by criticality and business impact.\u201d To gain greater visibility into emerging threats, he suggests deploying bidirectional sharing with trusted partners.<\/p>\n

Ignoring intelligence-driven response inevitably leads to alert fatigue, wasted analyst hours, and inconsistent actions across teams, Sivasankaran warns. \u201cWorse, it opens the door to delayed containment and communication, increasing the incident\u2019s blast radius, both technically and reputationally.\u201d<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"

Virtually all enterprises have some form of crisis management plan in place. Yet simply creating a crisis management program isn\u2019t enough. What\u2019s often more important are the unwritten rules that help ensure the program is executed effectively when crisis hits. Whether you\u2019re facing a data breach, a production outage, or a cloud misconfiguration gone wrong, […]<\/p>\n","protected":false},"author":0,"featured_media":3316,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-3315","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/3315"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=3315"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/3315\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/3316"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=3315"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=3315"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=3315"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}