My last post was a case study of A.P. Møller-Maersk's communication is response to the NotPetya incident that took some of the company's global systems offline in June 2017 and the narratives carried by the news media in covering the incident. In this post, I want to wrap up this case study and look at the larger implications of the incident. This was actually a pretty big deal... If you read official communication out of A.P. Møller-Maersk, you might not realize how big of a

So, Equifax happened... this blog is not about that, even though it seems like it is. I wrote it before that news broke. Any resemblance to that situation is coincidence. Previously, I went through the first two stages of CERC, pre-crisis and initial, and how they interact with incident response efforts. Now, we move on to the last three stages of CERC: maintenance, resolution, and evaluation. These are some of the most active stages for the organization. Each department will

In previous posts, I examined the use of communication at the more granular level of technical attribution, now I'd like to zoom out a bit. I want to examine incident response and how communication can be used throughout the process. Based on my research and conversations, incident response is a pretty siloed process, particularly from communication. It's frequently undertaken by teams external to the organization experiencing the incident and isn't something integrated into