This is a series on what it looks like behind the scenes for corporate roles during a cybersecurity breach.

Maybe you’ve seen news articles written about cybersecurity breaches and the outages and data loss that come along with them. But did you ever wonder what goes on behind closed doors at the executive level of companies? Each company should have an incident response plan that defines what happens. But those plans don’t prepare you for the stressful moments you will encounter.

CEO – The CEO is pissed, first and foremost. They have a business to run, and getting the computers back online is not something that was on the agenda today. At the beginning of the breach, the CEO always has one question: How long will it take to fix? At this point, it doesn’t matter what data was lost if the company can’t make any money.

As the breach continues and the CEO meets with the other executives, they start to realize that this incident is now something that will have to be dealt with head-on. If the impact is customer-facing, the CEO may be getting calls and requests for private updates on the situation from clients.

The longer this continues, the harder the CEO’s job becomes. They know the company is on the clock in more ways than one, and not having answers for clients is not an option. The CEO will be requesting regular updates from technology leadership and will take a keen interest in their plan to bring systems back online, often with plenty of advice.

As hard as the CEO’s job is during the breach, it becomes even harder afterward. Now they have to win back the trust of all their customers. There may be media appearances and interviews, which means constantly working with the PR and legal teams. They also have to tend to the IT department and make sure the necessary changes to prevent this from happening again are actually implemented. That’s bandwidth they would rather use elsewhere, but putting this nightmare behind them becomes the top priority.

Next Article: The CFO