Leading Through the Dark: The New Reality of Crisis Response

Graphic of system failure

It’s 2 AM and your phone goes off. For an incident responder, this isn’t a surprise; it’s a lifestyle. You’re plunged into someone else’s worst day, on the other end of the line is panic, a system is failing or something is already gone wrong. What’s different today isn’t the chaos, but the complexity. The digital infrastructure we rely on—from transportation to healthcare to the food on our shelves—is more interconnected than ever. When a system goes down, the impact is massive.

Pinpointing Where GPS Can't Reach

We often think of crisis response as a “right of boom” problem—reacting after the detonation. But true crisis leadership begins before the explosion. It starts with preparedness and proactive thinking. The systems that run our critical infrastructure are often decades old, built before anyone imagined them as targets. Yet today, hundreds of thousands of these systems are publicly exposed and vulnerable to cyberattacks. We wait for the problem before we take it seriously. Because when the boom hits, it’s not just data on the line—it’s people’s jobs, their sense of security, and the trust they have in your organization.

When a crisis hits, your first job is to establish order. This starts with leadership. The person who leads isn’t always the one with the highest title, but the one with the clearest view of the situation. It’s about clarity, decisiveness, and trust. If you’re not the one leading, your job is to follow.

Once leadership is established, you need to mobilize quickly and distribute responsibilities. A common approach is to divide the initial response into key domains:

 

    • Communications: Handling internal and external messaging.
    • Logistics: Coordinating physical resources.
    • Security: Managing physical and cybersecurity.
    • Operations: Running the technical recovery process.

These roles should be predefined and practiced regularly, not figured out on the fly. The faster you can activate them, the better your response will be.

Next comes triage. Assess the damage and prioritize. What can be saved? What is already lost? I’ve seen organizations paralyzed in a ransomware attack, debating for hours whether to disconnect the network. By the time they decided, it was too late. The time to define triage protocols is now, not during the disaster.

At the heart of effective crisis leadership is a blend of humility and preparedness. It’s about recognizing that the “boom” is coming and doing everything you can to prepare. That means training, tabletop exercises, and building a culture where people know how to lead and how to follow. We train for the technical challenges, but we must also prepare for the human ones. The fatigue, the stress, the pressure to make the right call under fire—these are just as real as any system failure. True resilience isn’t just about the network; it’s about the people who defend it, and leaders must protect them too.

When the next wake-up call comes, your success won’t be measured by how quickly you respond, but by how well you were prepared to lead.

Join the Clarity team at the Department of the Air Force Information Technology and Cyberpower (DAFITC) event in Montgomery, Alabama from August 25-27. Our mission to provide unparalleled digital resilience and proactive defense aligns with the conference’s theme of Lethality, Readiness, and Efficiency. Be sure to attend Nathan Case’s talk, Crisis Leadership in Action: on our innovative approach to incident response, where he will detail how our cutting-edge Obsidian capabilities can empower your organization. Stop by our booth for a chat about your cybersecurity challenges or schedule a meeting with our team to explore our services further. We look forward to seeing you there and working together to secure the future of our digital infrastructure.

As a Chief Security Officer at Clarity, Nathan Case brings a wealth of expertise in SecOps, cloud security, and incident response. A respected thought leader in cybersecurity, his innovative approach is underscored by multiple patents and contributions to prominent industry platforms. Nathan's unique blend of technical acumen and creative thinking allows him to develop robust, forward-thinking solutions that enhance cyber resilience and address complex architectural challenges for Clarity's clients.