During: -Focus on the restoration and establish a direct line of communication, assure the client that they know what you and the rest of your team know about the nature of damage (trust takes you long way!) -Prioritise the restoration and what is in hand, always think about providing business continuity After: -Let the data be the king and ensure the investigation is led by logic and not emotions -Accept the gaps and share prompt improvement plans to fix them -Double-down the efforts to expedite the implementation of improvements and keep the client engaged -Add the remedies as a part of regular processes and framework to improve maturity of operations over the time

Acknowledge Promptly: Be transparent and empathetic regarding the issue. Communicate Effectively: Provide regular updates through a dedicated channel. Reassure on Security: Emphasize strong safeguards, data integrity, and ongoing protection. Post-Outage Actions: Commit to conducting a review, share improvements, and offer support. Build Trust: Focus on transparency, empathy, and proactive communication. Key Message: Prioritize clear updates and data security to maintain client confidence.

As a Battalion S6 NCOIC, reassure clients during a network outage by maintaining transparent communication with regular updates, emphasizing security protocols to ensure data protection, and providing dedicated support to address concerns. Show leadership presence to instill confidence, and conduct an After Action Review (AAR) to improve future responses. Clear communication and proactive problem-solving are key to maintaining trust and operational readiness.

1. Communication is the key: Consistently update clients on the outage status, including the cause, steps being taken to resolve it, and expected resolution time. Regular communication helps maintain trust and reduces uncertainty. 2. Security Security Security: Emphasize the robust security protocols and contingency plans that protect client data, even during outages. Share specific measures, such as data encryption, secure backups, and access controls, to reassure clients of their data’s safety. 3. support is all that need: Provide dedicated support channels for clients to voice concerns and receive real-time assistance. Ensure our support team is well-informed and capable of addressing security-related queries promptly and accurately.

When critical services are down, answering calls from multiple stakeholders can divert the team’s focus away from the primary task: restoring services. To streamline communication, a dedicated service status portal hosted on the Disaster Recovery (DR) site can serve as a single source of truth. This portal should provide: • Real-time updates on current status and activities. • A list of services restored and those still down. • An estimated recovery timeline for each service. All stakeholders should rely on this portal to stay informed and disseminate accurate updates throughout their channels. This ensures the team can remain focused while stakeholders receive the information they need.

It is all about preparation. Network outage is a usual trigger for the invocation of company BCP (Business Continuity Plan). It is of course, first and foremost, important to have all redundancy measures - altenrative circuits, UPS, etc. If none of these are working then: - Initiate a critical incident and keep track with timestamps of all decisions and actions taken - Provide clear directions to staff - Organize affected colleagues are safely sent to work from home or alternative location whereas applicable - Ensure partner sites/centers/facilities are engaged to take over certain functions - Initiate mass-client communication and regularly send updates - When the incident is closed - make sure all lessons are learnt and embedded in BCP

To reassure clients during a network outage, I would communicate promptly and transparently. Here's how: Acknowledge the Situation: Inform clients about the outage immediately, emphasizing that their data remains secure. Explain Protections: Highlight the security measures in place, such as encryption, redundant backups, and firewalls, that safeguard their data even during disruptions. Share the Plan: Outline the steps being taken to resolve the issue, including timelines and updates. Maintain Communication: Provide regular updates to keep clients informed and address any concerns. Offer Assurance: Reinforce that the incident is being handled with priority and their data integrity is uncompromised.

Since we had the right tools in place, we were alerted about the network outage immedietely. We had done a risk assessment and business impact analysis, so we know exactly what impact the network outage would have. Assuming a network outage is a major impact on the business, we had a secondary ISP connection with a different 'last mile' provider. Assuming we STILL had a network outage, we have plans in place and can reassure the business leaders that we are prepared for this situation. We've had great communication with the business, so they trust that we are prepared. We have well defined metrics such as MTO and now we execute our plans. We put the right people in the right places. We learn from it and improve our systems moving forward.

The security incidents can have a long term impact on reputations of Customers and Service providers. Keeping aside assurance, the Services provider (Incident Handling Team/ Organization) must have all checks and balances available w.r.t setting higest priority, strong processes/ procedures, Technology (necessary set of tools), mindset and keeping the working teams informed every now and then. Regular Audits and Compliances add value to this. You can top that up with a third party GRC Organizations also. Keep the Customer updated with Standard Notifications as per signed SLA's and Informing the Security agencies informed and compliance w.r.t Country Laws.

Acknowledge the fact, assure your efforts and communicate with stakeholders promptly. Architecture review meetings will become new normal in coming days as business operations are becoming more evolving. Threat reports, your security response reports and SLA reports helps to maintain the user’s confidence in the organization’s mature approach.