Security Public Statement Draft¶

Category: Public Communication Support

Purpose¶

Draft for a public statement about a security topic: breach notification, incident update, or general security posture. Balances transparency with legal and reputational considerations.

Audience¶

Public: press, customers, investors, and general audience. Reviewed by legal and leadership before publication.

Typical structure¶

• Opening — What happened or what you are announcing (factual, concise).
• Scope — Who or what is affected (as much as can be said).
• What we are doing — Actions taken and planned (containment, support, remediation).
• What you can do — Advice for affected individuals (e.g., monitor credit, change password).
• Contact — How to get help or more information.
• Closing — Commitment and tone (e.g., apology, reassurance).

When to use¶

• Breach or incident disclosure (legal or voluntary).
• Significant security event requiring public communication.
• Proactive transparency (e.g., security blog, annual report section).

Evidence linkage¶

Statement should be consistent with internal incident narrative and legal advice. Draft is reviewed against facts and evidence to avoid misstatement.