Sandy Levine | Survival Guide: Perspectives from the field

What happened in Cyber Storm from a public relations point of view? They had scenarios, "reporters" asking questions, people who were role-playing public information officers. As things unraveled, you could see how quickly the reporters started to ask questions.None of the information leaked [to the real world]; everyone was respectful that it was an exercise. If you leak information, you cannot have lessons learned. There were no leaks on how technologies worked and did not work.There were more than 200 organizations involved: federal, state and local, and the private sector. Mistakes were made, of course, since you are trying to push the envelope to see what might break. The fact that this many organizations stepped up to the plate is impressive. How did you become involved in Cyber Storm? I got involved because of my clients McAfee and Citadel. Their technologies were used in the exercise by participating government agencies. These are anti-virus, intrusion-detection and intrusion-prevention technologies. What was your contribution to Cyber Storm? I was in my office, on call, and did some things online. Beforehand, I helped with information for the "real world" press conference, with names for the press release. I helped to shape the message. I applaud DHS, they were very forthcoming in saying what they were hoping to accomplish and the lessons learned. Do cyberincidents have specific public relations needs? Yes, they are very, very serious. We have seen this with data breaches and other situations, such as the theft of the Veterans Affairs Department laptop computer, and it is very scary. From a public relations perspective, you have to be vigilant and pay attention to the world. It's a 24/7 response. You have to respond right away. A good public relations person gets information to the public as soon as possible, letting them knowwhat happened and what is being done to correct it, to calm fears and reassure everyone that everything is being taken care of as quickly as possible. How do you decide what to tell the public? These are the questions: Can you really contain it? Who does this impact? Are the people to be impacted aware of the situation, and how do we protect them?The point is there are many systems in our nation controlled by computers and networks, and we need to be aware that they need to be protected. It's expensive and challenging. You cannot put a lock on every single door, so you have to choose and balance, decide how much risk and how much privacy you want. Looking back on year 2000 as a major cybersecurity issue, how successful was the public relations industry in handling that? I think we did a phenomenal job. From a PR perspective, we were very proactive in saying, "This is a problem we can see, and here are the steps you can take." Folks did a very good job of educating the public to make them aware of what might happen and how to prevent it. As you recall, nothing horrible happened. I think there were no problems because people were proactive. Are there basic misunderstandings about cybersecurity that affect how you explain it to the public? Yes. In the last year, more newspapers are trying to cover technology, and some of the reporters might not understand what cybersecurity actually means. They are on deadline and trying to grasp something that is complex ? The challenge is when you talk about all the different types of protective measures you can take ? so many technologies do so many things.My concern is that people tend to blame the government and say they don't have the right technology. But the VA breach ? that was human error.