
In today’s digital landscape, cyber incidents are not a question of if, but when. For listed companies – especially those with investor relations (IR) obligations – the stakes are even higher.
A breach can rattle markets, damage trust, and invite regulatory scrutiny. But how you communicate in the critical hours following a breach can significantly impact your reputation and recovery.
This article outlines a cyber incident communication plan tailored to listed companies and investor relations websites. It includes three actionable steps and a real-world example of effective crisis communication during a ransomware attack.
1. Use your website for real-time cyber incident communication
Your corporate or IR website is your most visible and controllable platform, yet many companies still fail to use it effectively during a crisis. In the event of a cyber incident:
- Display a visible alert banner or homepage message linking to a dedicated update page
- Include a press/media contact and downloadable statement or FAQs to reduce inbound, repetitive queries
- Update the page frequently as investigations progress
Pro tip: Build a crisis-ready content template or microsite structure in advance. If your CMS allows rapid publishing, you’ll avoid scrambling under pressure.
2. Notify investors and stakeholders in line with disclosure obligations
Investor confidence can be severely shaken by silence or inconsistent updates. Publicly listed companies should:
- Notify the market promptly (via RNS or relevant disclosure channels)
- Include clear details of your primary channel where updates will be posted, e.g. your website
- Provide factual, jargon-free updates – even if details are limited at first
- Follow up with summaries on your IR website and investor platforms
Consistency across all communications channels – website, email, press, and social – is key to reinforcing transparency.
3. Align messaging across teams and channels – fast
Social media, PR, website updates, and stakeholder communications must reflect the same facts and tone. That means tight coordination across your legal, IT, comms (internal & external), and leadership teams. Best practice includes:
- Designating a central crisis communications team or lead
- Preparing pre-approved language frameworks to speed up legal clearance
- Communicating with a calm, proactive tone whilst avoiding defensiveness
Case Study
How M&S used its website to communicate during a cyber incident
In March 2024, Marks & Spencer (M&S) was impacted by a third-party data breach involving Zellis, its payroll provider. The breach stemmed from a vulnerability in the MOVEit file transfer software used by Zellis. Although M&S’s own systems were not compromised, the incident involved a limited amount of employee data.
Digital communication actions taken by M&S included:
M&S created a clear and accessible information page to address the incident directly.
This webpage was easy to find and was updated to reflect the evolving situation, serving as a central source of truth.
M&S did not issue an RNS directly, as the breach did not materially affect customers, systems, or financial performance. However, it coordinated closely with media outlets and referenced the incident in public commentary, showing strong alignment between legal, corporate affairs, and IT.
While M&S did not publish standalone posts about the incident on public social media channels, it was responsive to media enquiries and online conversations. M&S focused its digital response on its owned channels (website and press office), aligning with best practice for reputational risk management in incidents affecting internal data.
Your website should be your most dependable communication tool in a cyber crisis – accessible, secure and easy to update in real-time. At Design Portfolio, we build investor and corporate websites to meet the highest standards of reliability and security. As an agency certified with Cyber Essentials Plus and ISO 27001:2022, we apply best practice in every build – ensuring your platform is not only compliant but crisis-ready.
Mudasser Jamil - Head of Digital Development
Final thoughts – Be proactive, not reactive
Cybersecurity and reputation are inseparable. Your investor and corporate websites must be ready to support fast, transparent, and controlled communication – especially when the unexpected happens.
By embedding a cyber incident communication plan now, you’ll ensure your business is prepared to respond with confidence, clarity and credibility when it matters most.