Crisis management: Prepare, respond, recover services

Why is it important to be prepared for a crisis?

The world as we know it today, is an uncertain place. The “Global Megatrends”; demographic changes, shift in economic power, accelerating urbanization, the depletion of the earth’s natural resources and a rapidly evolving technological environment challenge our perceptions of the world, and require us to alter the way we think and act. Furthermore, a rapidly evolving technological environment affects organizations today, more than ever. With progress comes increased risk, especially concerning the digital terrain, where cyber-attacks are becoming increasingly common. 

Organizations unprepared to manage the consequences of a crisis stand to suffer great financial, operational, and reputational loss. The impacts of incorrectly managing a crisis situation can potentially be more damaging than the actual crisis event.

Business leaders have to acknowledge these new threats, as well as gain an understanding of the potential severity of these risks. Through due preparation, and by placing an emphasis on rehearsals and test runs, organizations are able to develop a comprehensive response strategy which goes beyond standardized technical processes – which alone do not cover all aspects of risk mitigation. 

Characteristics of a crisis resilient organization

  1. Risk monitoring and proactive crisis identification activities are endorsed and developed
  2. Crisis response tools, strategies, and responsibilities are communicated to, and understood by crisis response teams 
  3. Crisis resilience is promoted by top management, and 
  4. Crisis training, supervision and observation are used to improve and develop the capabilities of decision makers and crisis leaders
  5. New risks are addressed and incorporated into existing risk monitoring activities
  6. Inconsistencies and deficiencies in response plans are revisited and existing strategies are regularly updated
  7. Roles of responsibility in a crisis event are clearly designated
  8. Response priorities are clearly defined

Playback of this video is not currently available

Crisis preparation

  • Leadership
    Identifying a crisis requires foresight to properly identify a critical event, and leadership to take control of a crisis situation.
  • Strategy
    A crisis response plan should include appropriate preparatory, as well as business continuity measures alongside actual incident response protocols. 
  • Preparation
    Training and awareness before a crisis occurs, and testing complete response plans ensures that crisis teams are capable of applying a strategy under pressure.
  • Planning
    Adequate response plans cover all stakeholders, both internal and external, and focus on aligning technical and organizational response procedures.
  • Stakeholders
    While managing a crisis, organizations need to keep focus on stakeholder relations, and develop communication strategies, which suit stakeholder requirements.
  • Technical response 
    Making sure that technical teams are trained specifically for crisis response is paramount to when managing a crisis such as a cyber-attack.

What we can do to help?


  • Crisis framework review: review of the end-to-end framework, governance, controls and procedures of the organization with industry wide best practices and ISO frameworks as a reference.
  • Cyber response plans and playbooks: developing crisis management plans and scenario-specific scripts in order to support the technical- and management teams with the business-wide response to cyber and GDPR breach related incidents. 
  • Cyber crisis training: design and delivery of training sessions, varying from basic discussion-based exercises to fully customized crisis simulations, including post simulation debrief. Trainings focus on strategic response of top management, as well as technical responses of cross-team subject matter experts.
  • Red teaming: vulnerability assessment and penetration tests across a range of technologies – including mobile, web and embedded (IoT) devices. 


Live support to technical teams, senior management and executive level members during a crisis:

  • Cyber and GDPR incident-response expertise including forensic investigations
  • Support of response and recover teams
  • Providing specialist advice on key considerations, strategy and decision-making
  • Expert advice on response strategy and decision-making


  • Root cause analysis
  • Forensic investigation
  • Crisis response evaluation and analysis
  • Critical decision-making procedure development and stakeholder communication strategy advice

Our approach

With the experts of our Crisis Leadership Team, organizations can reassure their clients, community and stakeholders that they are able to better prepare, respond and recover from crises, by effectively implementing crisis plans and executing rehearsal activities.

Our approach
Follow us

Contact us

Gerwin Naber

Gerwin Naber

Partner, PwC Netherlands

Tel: +31 (0)65 150 75 75

Bram van Tiel

Bram van Tiel

Partner Cybersecurity & Dataprivacy, PwC Netherlands

Tel: +31 (0)62 243 29 62

Pascal Huizinga

Pascal Huizinga

Senior Manager, PwC Netherlands

Tel: +31 (0)61 201 17 20

Sanne Amber Maas

Sanne Amber Maas

Manager, PwC Netherlands

Tel: +31 (0)62 214 43 58