CISOs should take the lead to develop a post-cyberattack communications plan that accurately informs stakeholders and instills confidence in their organizations' response.