Classified Information PR That Will Communicate Secrets Without Breaches

03/06/2026

Classified information PR is the discipline that most defense and national security agencies handle informally, right up to the moment a breach makes it impossible to ignore.

The cost of that informality is now public record.

On March 15, 2025, Secretary of Defense Pete Hegseth shared live military operational details, aircraft types, missile specifics, and strike timing in a Signal group chat on an unapproved commercial platform.

The editor-in-chief of The Atlantic, who was accidentally added to the group, received the information hours before the U.S. launched airstrikes against Houthi rebels in Yemen.

Security experts described it immediately as “an extraordinary breach of U.S. security.” John Bolton, former National Security Adviser, told NPR: “These are absolutely basic things.

Yet these are Cabinet-level people in our government, and yet not one of them ever said, ‘Why are we on Signal?'”

Sophisticated adversaries did not cause the breach. A failure in the classified information PR discipline caused the breach.

Specifically, a failure to apply the basic protocols designed precisely to prevent this kind of exposure.

The communications response that followed significantly compounded the damage.

This article shows you what classified information PR actually requires and how to build the discipline that prevents both breaches and the crises that follow.

Government official reviewing classified materials inside a Sensitive Compartmented Information Facility, demonstrating the secure environment that classified information PR protocols are designed to protect

Why Classified Information Breaches Are Always a Communications Failure

Security experts distinguish between breaches caused by sophisticated adversaries and breaches caused by human error.

The Signal incident of March 2025 belonged firmly in the second category.

The Pentagon confirmed this in its own memo, issued on March 18, 2025, three days after the breach.

The memo stated that “third-party messaging apps (e.g., Signal) are NOT approved to process or store nonpublic unclassified information.”

That policy predated the breach.

The memo also reiterated the well-established approved alternatives.

Sensitive Compartmented Information Facilities (SCIFs), secure video teleconference systems, and official classified communications networks that senior officials can access even while traveling.

These secure rooms are built to discuss classified information,” NPR’s national security correspondent Greg Myre reported. “You can’t take a phone into these rooms.

You can’t take documents out, and all of these top-ranking national security officials have SCIFs at their offices and at their homes.”

The breach happened not because the right systems did not exist.

It happened because senior officials chose convenience over protocol, and because no one in the group ever raised the question of whether Signal was an appropriate channel.

Furthermore, in an era when, as DefenseScoop reported in March 2025, “China, Russia, North Korea and Iran are constantly working to intercept U.S. communications for their benefit.

Officials who choose to conduct sensitive discussions on a commercial app commit a classified information PR failure before they send the first message.

The public communications failure that followed- four senior officials delivering four contradictory statements within hours, then transformed a security incident into a sustained institutional credibility crisis that lasted months.

Read Also: Government Crisis Response: Why 73% Fail & How to Fix It

The Anatomy of a Classified Information PR Crisis

Understanding how classified information PR crises develop helps you build the prevention and response systems that contain them.

Three stages define every significant classified information breach from a communications standpoint:

1. The breach itself

Classified information reaches an unintended audience, whether through technical failure, human error, deliberate leaking, or, as in the Signal case, a combination of protocol failure and carelessness.

2. The disclosure and initial response

The moment the breach becomes publicly known, the classified information PR response must be activated. This is the phase where most institutions fail.

The 2025 Signal response demonstrated every common failure simultaneously:

Delayed acknowledgment of the core facts
Contradictory statements from multiple senior officials
Defensive social media posts that amplified rather than contained the story
No unified spokesperson is delivering a consistent institutional position

According to Red Banyan’s crisis communications analysis of the incident, the administration’s handling underscored a core principle.

Unified messaging is the cornerstone of effective crisis management for classified information crises.

3. The sustained credibility crisis

When Stage 2 fails, Stage 3 begins. The story shifts from the breach itself to the response, and then to broader questions about institutional competence, leadership integrity, and systemic security culture.

The Signal breach entered Stage 3 within 48 hours.

Senate hearings. Congressional investigations. A Pentagon-wide email warning about Signal vulnerabilities.

A memo ordering an investigation into “recent unauthorized disclosures of national security information.

Each development prolonged the crisis and deepened the damage to credibility.

This progression is not inevitable. It is the direct result of an inadequate classified information PR strategy at Stage 2.

National security communications team executing a classified information PR crisis response protocol, coordinating unified messaging across legal, security, and public affairs functions

Building a Classified Information PR Framework

Communications teams do not improvise classified information PR during a crisis.

They build it before any breach occurs, just as operational security teams build protocols before a mission launches.

Below is the framework that protects both sensitive information and institutional credibility:

1. Prevention – Communication Protocol Enforcement

The first line of classified information, PR defense, is protocol compliance.

Every person with access to sensitive or classified information must clearly understand which channels are approved for which categories of information.

This means more than a written policy. It means regular, mandatory training that covers:

The distinction between classified, controlled, unclassified, and fully unclassified information — and the approved communication channel for each
The specific risks of commercial encrypted applications for government-sensitive communications
The process for requesting approved secure communications when standard classified systems are not immediately accessible
The personal and institutional consequences of protocol violations, including at the most senior levels

The 2023 Jack Teixeira case, in which a 21-year-old Air National Guard IT specialist removed classified documents from a base and photographed them for a private Discord server, demonstrated that classified information PR failures occur at every level of access.

Approximately 1.3 million Americans hold top-secret clearances, according to the Office of the Director of National Intelligence. Protocol training and accountability must reach all of them.

2. Detection – Early Warning Communications Monitoring

The second tier of classified information PR protection is monitoring. This means:

Real-time media and social monitoring for references to information that should not be in the public domain
Internal reporting systems that make it easy and safe for personnel to flag potential spillage
Regular security audits of communication channels, including any commercial platforms in use across the organization

The Signal breach was discovered not through internal monitoring but by the journalist who received the information. That is the worst-case detection scenario.

A properly structured monitoring function gives institutions lead time, sometimes hours, to assess and respond before information becomes fully public.

3. Response – Unified Crisis Communications

When a classified information breach occurs, the response phase determines whether the incident remains contained or escalates into a sustained institutional crisis.

The response framework must include:

A designated single spokesperson with authority to speak on the incident – all other officials direct media inquiries to that spokesperson only
Pre-approved holding statement templates for classified information breach scenarios – enabling immediate, accurate response within the first 30 minutes
A legal-communications coordination process that moves at crisis speed – not at standard legal review pace
A clear set of facts that can be confirmed publicly, separated from information that cannot be disclosed, so the spokesperson can answer questions accurately without expanding the breach

Additionally, the holding statement approach is critical.

The initial public response need not be complete.

It needs to be fast, accurate, and consistent. “We are aware of the situation, we are investigating, and we will update you when we have confirmed information to share” is a complete and effective classified information PR response.

It stops the vacuum. It prevents contradiction. And it buys the time needed to coordinate a fuller response.

4. Recovery: Rebuilding Institutional Trust

The final tier of classified information PR management is recovery.

This phase begins once the immediate crisis is contained and focuses on rebuilding the institutional credibility that the breach damaged.

Effective recovery communications include:

A transparent account of what happened, what the investigation found, and what corrective actions are being taken is shared as soon as the investigation permits
Visible accountability, demonstrating that the people responsible for the breach face consequences appropriate to the severity of the incident
A proactive update on the systemic changes implemented to prevent recurrence, showing that the institution has learned from the breach, not just managed it.

The Pentagon’s response to the Jack Teixeira Discord leak in 2023 offers a useful contrast to the 2025 Signal response.

Defense Secretary Austin ordered an immediate review of intelligence access and accountability procedures, directed SCIFs to be brought into compliance with intelligence community standards, and implemented additional physical security controls.

Concrete, visible corrective action, communicated clearly and promptly, is what turns a breach from a permanent credibility stain into a demonstrable moment of institutional improvement.

The Sensitive Communications Gap: Where Classified Information PR Most Often Fails

The Signal incident revealed a structural problem that goes beyond individual error.

That gap, between what approved classified systems can practically deliver and what senior officials need to communicate at speed, is where classified information PR breaches most often originate.

It is not primarily a discipline failure. It is an infrastructure failure that creates pressure toward improvisation.

Moreover, addressing this gap is itself a classified information PR imperative.

Agencies that publicly acknowledge the infrastructure challenge and communicate the steps they are taking to address it build stronger institutional credibility.

They often earn more trust than agencies that tighten restrictions on unapproved applications without addressing the underlying need that led employees to use them in the first place.

The goal of classified information PR is not to make sensitive communication impossible.

It is to make secure communication faster, easier, and more reliable than any insecure alternative, so that choosing an unapproved channel never becomes the path of least resistance.

Senior government official conducting a classified video conference through an approved secure government communications system, demonstrating the correct classified information handling that PR protocols are designed to enforce

When to Bring In a Specialist Classified Information PR Partner

Managing classified information PR internally is possible for routine security communications. However, breach incidents and their aftermath consistently require specialist external expertise.

You need a specialist classified information PR partner when:

A breach has already occurred, and the public response has not been unified or credible
Your agency needs an independent audit of its classified information communications protocols before a breach occurs
Congressional oversight, Senate hearings, or media investigations are generating ongoing coverage that requires sustained narrative management.
Recovery communications require independent credibility, a voice separate from the institution that experienced the breach.
Your agency is implementing a new secure communications infrastructure and needs to communicate that transition publicly without revealing sensitive implementation details.

Spred Communications provides classified information PR strategy for defense agencies, national security institutions, and senior government officials.

We build the prevention frameworks, crisis response protocols, and recovery communications strategies that protect institutional credibility before, during, and after a classified information crisis.

Closing Thoughts

Classified information PR is not a luxury discipline.

It is the communications infrastructure that determines whether a security incident becomes a contained event or a sustained institutional crisis that undermines the trust your agency depends on.

Build your protocol training. Close your infrastructure gaps. Build your unified spokesperson system.

Make sure your crisis response framework is tested and ready, not created in the hours after a breach has already reached the public domain.

Because in classified information management, the decisions made long before a crisis arrives are the ones that determine whether you control the story or whether the story controls you.