How poor communication doubles the damage—and what decision-makers need to learn from it
223 billion euros in damages—every year. And that’s not even close to the full picture. This figure doesn’t even include the follow-up costs resulting from loss of trust, customer churn, and damaged business relationships. These are (only) the direct costs that German companies must bear for digital attacks, according to Bitkom.
More than 80 percent of companies are affected. The numbers speak for themselves: cybercrime is no longer an exception, but a part of everyday business life. Yet the technical attack is often just the beginning.
A blackout: No access to data, servers offline, phones dead. The IT department tries to get a handle on the situation, the crisis team improvises, and management waits for information. What no one wants is becoming a reality for more and more companies: cyberattacks are hitting German organizations with increasing frequency and severity.
The technical attack is often followed by a second round of damage caused by incorrect, delayed, or contradictory communication afterward.
When a cyberattack occurs, technical costs are incurred first: IT forensics, recovery, and, if necessary, ransom payments. But the real burden often stems from communication failures: delayed disclosure, a lack of transparency toward employees and partners, and inconsistent statements.
These mistakes lead to follow-up costs such as customer loss, regulatory pressure, reputational damage, and prolonged business interruptions. Studies show that these indirect costs are often higher than the immediate IT damage itself.
The key factor here is communication, because it determines whether an attack becomes a crisis or an opportunity to build credibility.
What often goes wrong in communication after cyberattacks
- Silence: Many companies wait too long before making any statement at all—due to uncertainty, fear, or internal disagreement.
- Technocratic jargon: Instead of clear language, we hear terms like “security incidents” or “network irregularities.”
- Contradictions: IT, communications, and the executive board often do not speak with one voice. This opens the door to speculation.
- Media silence: Many executives underestimate the real-time dynamics of public perception.
The result: Reputational damage that can no longer be contained.
Reality check: Three German cases resulting in millions in damages
- Continental AG (2022): The automotive supplier fell victim to an attack in which approximately 40 terabytes of data are said to have been stolen. The extortionists demanded $50 million. Particularly critical: Communication with stakeholders was vague and delayed for a long time. Trust suffered lasting damage.
- Rheinmetall AG (2023): The technology group’s civilian division suffered damages of at least 10 million euros due to an attack by the Black Basta group. On the positive side: Rheinmetall communicated relatively openly. Yet the consequences showed that even with transparent communication, good crisis preparedness is everything.
- Ludwigslust-Parchim District (2021): Information was withheld for days following an attack. The result: citizens and the media turned away in outrage. The damage to the district’s image was significant, even though no specific ransom amounts were disclosed.
Why poor communication is costly
IBM puts it plainly: “Poor communication during a data breach can cost you…”. Studies show that loss of reputation, customer churn, regulatory pressure, and prolonged business interruptions drive indirect costs significantly higher, often to more than the actual ransom demand.
The World Bank emphasizes: Indirect losses can be at least as severe as technical or financial damages. Poor communication thus becomes a cost multiplier.
We Are Fake! by Nikolai A. Behr (ed.), Thilo Baum, Nils Bäumer, Thorsten Jekel, Mariam Kublashvili, and Roland Pucher. 26.90 EUR (D), ISBN: 978-3-9808678-7-0
What helps now: New skills for a new risk landscape
In the new book by Dr. Nikolai A. Behr and his co-authors, “We Are Fake,” it becomes clear just how much the logic of crises has changed.
“The speed at which rumors, deep fakes, and misinformation spread is the real danger today.”
That is why companies need a new communication culture for cyber risks:
- Run through crisis scenarios: Who speaks to whom, when, and with what attitude and message?
- Practice communication and messaging: Media training for IT experts, communications managers, and board members
- Manage perception: Don’t react; communicate proactively
Conclusion: The attack is coming. You determine the impact.
Not if, but when. Cyber risks are no longer just a matter of technology, but of communication. Those who aren’t prepared pay twice: first with data, then with trust.
Question for you: Do you have a communication plan for an emergency? Who will face the camera when everything in the company comes to a standstill?
“Use the time before the attack—not after.”
Over 600 companies, including hidden champions and DAX-listed corporations, have already relied on our coaching and training expertise.
👉 Schedule a strategy consultation now with Dr. Nikolai A. Behr and the team at the German Institute for Communication & Media Training (DIKT GmbH):
(First published on LinkedIn)