buy-in and be relevant to the key stakeholder audiences. It is critical that the IRO play a role here as the first line of defense with the investment community.
3. Develop thoughtful and organized communications approval protocols. These will help minimize delays as the crisis evolves. Perceived delays may give the impression of an ill-prepared organization that lacks the ability to handle the heightened responsibilities of a crisis.
4. Assemble a pre-defined task force. This group should have clear leadership and defined lines of responsibility. The task force must work efficiently to determine the materiality aspect of the incident with respect to SEC requirements as well as fulfill any reporting requirements of other regulators or government entities.
Board readiness is a topic for another article, but at the very least, determine if board members know the response plan and if they are up to date on the latest trends.
Responding to a Cybersecurity Incident
Should an incident occur, an effective response demonstrates that decisions can be made quickly, team members are working in lockstep, and strategies are executed seamlessly. Expect a high volume of inbound questions, concerns, and demands from key stakeholders. It will be tempting to get ahead of the facts and provide reassurance to business partners, customers, and the investment community. It is critical, however, that communicators respond to inquiries in a timely and professional manner, but it is even more important to only use information that is currently known.
The Role of the IRO
Between SEC disclosure requirements and the very real potential of a cybersecurity incident, it is important for IROs to be involved in all aspects of cybersecurity preparedness, reporting, and incident response. IROs, with their unique skill set and perspective, have an important role to play, including the following:
Provide intelligence and feedback. Just as IROs are sources of information to the management team and board on how peers and the broader industry are communicating with investors, IR teams can provide similar insight on cybersecurity reporting, disclosures, and messaging. Knowing what peers are saying and what is evolving as industry best practice, coupled with direct investor feedback, are valuable perspectives from which teams across an enterprise can benefit.
Thoughtfully craft an investor offense. When preparing the cybersecurity incident response playbook, IROs will own the communications strategy aimed at the investment community. When crafting the strategy and messages, there should be a thoughtful approach to ensure that timely, truthful, and helpful information is provided to directly address concerns. Scenario planning can be helpful to create messages that can be used as needed and be updated as the situation evolves.
Advise colleagues on managing stakeholder expectations. IROs spend significant time managing stakeholder expectations. They are also skilled at doing so in a range of timeframes, from weeks to years. These communications skills can be useful to support colleagues who are not called upon to do this frequently, while ensuring that communications are aligned throughout planning for and responding to a cybersecurity incident.
Manage relationships with the investment community. This means serving as the main spokesperson to deliver key messages and information to the market. This also means serving as a gatekeeper to others within the company, since investors or analysts will likely want to speak with the chief information security officer or other executives on how the incident is impacting the company. IROs should work with their colleagues to determine whether to honor these requests, in what format to do so, and help their colleagues prepare.
Plan for a lengthy resolution. According to IBM, it took an average of 56 to 88 days in 2023 to resolve a cybersecurity breach. This means that communications teams and IROs need to plan to address the topic in their scheduled activities for at least a month or two. IROs should consider whether to address the topic proactively on earnings calls, or if proxy season is around the corner, whether the specific issue or cybersecurity in general will become a voting issue for investors. In addition, if the IRO is responsible for the company’s sustainability report, the sustainability report will need to be updated for consistency.
By drawing upon their existing skills and processes, IROs can make critical contributions to cybersecurity incident planning and response that can help protect value and save their companies from headlines they don’t want in the history books.
Rose Zu, CFA, is Director, Financial Communications at FTI Consulting, and Matt Saidel is Managing Director, Crisis and Cyber Communications at FTI Consulting; rose.zu@fticonsulting.com and matt.saidel@fticonsulting.com.
IR UPDATE ■ SPRING 2024 17