FTI Consulting, Cybersecurity and Data Privacy Communications

Additional Info

Company size (employees)500 to 999
Headquarters RegionNorth America


FTI Consulting’s Cybersecurity and Data Privacy Communications practice is one of the only and largest specialized cybersecurity communications groups in the industry. The practice provides expert crisis communications counsel and support throughout the entire lifecycle of a cyber incident, helping companies mitigate risks and preserve their reputation before, during and after the incident. The practice leverages first-hand experience having worked on hundreds of cybersecurity matters spanning preparedness, incident response, litigation support and reputation recovery across a wide variety of industries spanning the globe.

Specifically, our team provides strategic crisis management counsel and support on highly scrutinized cyber and data privacy incidents, including those linked to AG investigations, national security crises, class action litigation, congressional inquiries, investigative reporting or other foreign government investigations and involving major operational disruptions, significant data loss, and legal notification processes. The team has handled incidents involving PII, IP, PHI, and has successfully navigated business email compromise, phishing and spear phishing, DDoS, credential stuffing, vendor compromise, critical infrastructure and nation-state and double-extortion ransomware attacks. The breadth of experience and multidisciplinary approach on these matters has positioned the practice as a well-respected and influential advisor in the cybersecurity and communications space alongside seasoned forensic investigators, cyber insurers and legal counsel.

The team consists of former intelligence agency officials, corporate communications leaders, journalists, attorneys, government spokespersons and Congressional investigators who have advised on or managed high-profile data security and privacy incidents. The team’s diverse background and scope of expertise allow it to provide clients, including Fortune 500 companies and other multinationals across sectors and geographies, with unique and effective solutions.

How we are different

•In October 2022, we released the results of a groundbreaking survey – CISO: Communications Redefined, Navigating the Journey from Control Room to Boardroom – the report revealed the heightened pressure CISOs face to communicate cybersecurity risks and opportunities to C-suites and Boards. The research findings led to the development of a new coaching offering by our team designed for CISOs focused on enhancing their Board communications capabilities and readiness. The curriculum, “CISO: Secure Your Seat,” is scheduled to launch in Q1 2023.

•Our team takes a multi-stakeholder approach to preparedness, incident response, litigation support and reputation rebuild. We closely partner with external counsel, forensic advisors, cybersecurity insurance partners and internal client teams to ensure consistent and accurate stakeholder communications, developing tailored outreach strategies to shape narratives, and guide communications with key stakeholders, including customers, employees, investors, regulators, the press, among others. We have advised clients through more than 125 cyber matters – including some of the most prominent attacks that made global headlines – in 2022. We are well-versed in threat intelligence, including operations and behaviors of the preeminent threat actor groups and malware/ransomware strains – to effectively prepare clients for data releases, add-on threats, among other activities.

•We offer one of the leading communications practices of its kind. Our senior practitioners are considered industry thought leaders by the industry – Meredith Griffanti, Evan Roberts, and Jamie Singer, co-heads of the practice, have spoken on several cybersecurity panels, including Incident Response Forum Ransomware, the WSJ Pro Cybersecurity Executive Forum, National Cybersecurity Center and Google’s “Cybersecurity for State Leaders Training,” U.S. Nuclear Regulatory Commission’s HACK Event, among many others. We have secured inclusion on several premier panels in the field, including cybersecurity insurance. Our extensive relationships with top legal and forensic firms afford us partnership opportunities on the most high-profile incidents globally.