"A crisis can be anything that can impact your reputation," said Matt Barkett of Dix & Eaton, getting the conversation started at the "Risk Management : Planning Before a Crisis Occurs" session on Monday that was moderated by Michael Yip, Vice President of Risk Management at Dallas Fort Worth International Airport. It could be an active shooter, weather-related, cyber theft or any other event that presents a "real and serious threat" to your brand, said Barkett.

And that is exactly what Fort McMurray Airport Authority experienced on April 4, 2017, at 11 p.m., said RJ Steenstra, President and CEO at the Canadian airport "We don’t believe the hackers knew they were hitting an airport. They were looking for vulnerabilities and they found us." They were hit by ransomware – Darma – which gained access through their VPN. "Once the hackers got into the system through the server infrastructure, they were able to access all files and folders with administrative credentials. Then they encrypted all the data," he said. Airport staff went through a brutal nine days of uncertainty as they negotiated with the hackers. "(The hackers) put a blanket over our servers," said Steenstra. "We couldn’t access it, but they couldn’t either," which meant the administrative data was secure, it just wasn’t accessible. Despite counsel to the contrary, they paid the ransom, which was $3,500 – one bitcoin. "Then (the hackers) wanted a bitcoin for every single file. At that point we stopped," he said. It took 6-8 weeks for Fort McMurray to rebuild and reprogram.

While "no data was compromised or lost," said Steenstra, the financial effects were no laughing matter. Total damages were in the $375,000 range, he shared. Luckily, the airport had cyber coverage on its insurance policy, which helped. But, they found out they were missing two key policies. "We were missing coverage for third- party damages," explained Steenstra. "We have now added that policy....and we are now doing biannual penetration tests of our systems."

Michael Nonnemacher, Acting Assistant Director of Aviation, Operations, Maintenance, Security at North Perry Airport, Broward County Aviation Department, has gone through his fair share of crises, as well -- from FedEx and Dynamic plane fires to active shooter s and hurricanes. "Airports have to plan for more than the typical airport disturbance," said Nonnemacher. Also, you have to figure out what you have to do after the event is over (they usually don’t last very long). "Media doesn’t just go away after the event. It goes on for days, weeks, even months. It goes on and on and is relentless. There is always going to someone out there is going to ask why we allowed this to happen."

Barkett concurred, adding that as far as media goes, "if you don’t communicate with them someone else will and it will not be someone on your side. You have to make sure your voice is heard. ‘No comment’ doesn’t cut it anymore; It means you are guilty of something or hiding something." He said that you have to be seen as part of the solution and you need to be able to get people together very quickly, in addition to being able to "make good decisions promptly."

When posting on social media, specifically Twitter, be sure to date-stamp your tweet, advised Steenstra. "It is important that people can verify when the information was released." He mentioned that you should not just include the date in the tweet, but something that says, "this message is as of this time." Also," take screenshots of tweets you sent out," said Lourdes DeSapri of Dix & Eaton. "It may be hard to find them later."