Most Kiwi businesses and organisations believe they are well-equipped to respond to cyber security breaches with their IT defences and detection tools.
But a new report released this month has highlighted a concerning gap in preparedness, with far fewer planning for the loss of trust and impact on reputation after an attack.
Datacom’s 2026 Cybersecurity Index shows that while nearly 80 per cent of those surveyed had IT defences in place, just 30 per cent had a comprehensive incident plan to deal with the aftermath.
Responding to a breach is rarely straightforward. Systems may be unavailable for longer than expected, details about the depth and breadth of the breach can be incomplete, and pressure from customers, team members, regulators, and media can build quickly.
Decisions need to be made in real time, often with limited clarity, and the way an organisation communicates during this period can shape public trust and confidence long after technical systems are back online.
The Datacom survey also highlights a mismatch between a business’ expectations for recovery and how it will actually play out.
A significant proportion of organisations believe they would be back on their feet within days of a major cyber incident, despite real‑world cases, like the Manage My Health and MediMap breaches, showing recovery can take weeks, if not months.
This points to a deeper issue in how cyber crisis preparedness is understood. Many organisations have invested heavily in IT prevention and detection – which is undeniably important – but haven’t spent crucial time prepping for the human, operational, and reputational consequences of an attack.
At the same time, the cyber threats businesses and organisations face are evolving rapidly, with AI increasing the risk, volume and sophistication of attacks.
When once a quick grammar and spelling check could weed out phishing emails, now, AI has enabled more convincing scams, including voice cloning, realistic invoices, and messages that mimic the tone and writing style of trusted suppliers.
True cyber resilience goes beyond just being able to technically respond to a crisis. It relies on knowing what to do and say when systems are disrupted, people are affected, and trust in your business is at stake.
That level of resilience requires a clear crisis communication strategy, realistic recovery expectations, and a leadership team that is well prepped to take control of the situation, reassure stakeholders, and manage the fallout effectively.