Planning for the worst: Crisis communications 101

Every company – tech-focused or not – will eventually face a crisis. An unhappy and outspoken customer, an egregious misstep by an employee, a product malfunction. Yet, half of U.S. companies don’t have a crisis communication plan. Rather than a nice-to-have, you need to think of this as a must-have insurance policy against something that could, at best be an annoyance and at worst, sink your business.

No one is immune to a crisis gone awry. Think of the fire Samsung had to put out when their smartphones started sparking last fall. Not exactly the light the company was hoping to cast on the release of the latest product, the Galaxy Note 7.

While quick to respond, Samsung made some crucial mistakes. The company underestimated the nature of the problem, first asking customers to simply swap out their faulty smartphone with a complimentary replacement or refund. Initially, this was communicated via an inconspicuous tab on the company website, when it should have been a direct alert to consumers – a move that was made days later.

Several replacement phones were also found to be faulty, which then led to a full-fledged recall.

Perhaps a prompt and transparent holding statement to all stakeholders could have mitigated the situation, but we will never know. What we do know is that Samsung’s actions cost them the trust of many customers – and a whopping 96% on their mobile division’s bottom line.

Not every tech company (and hopefully not yours) will face a crisis of this scale, but having a communication plan in place is critical.

Here, I’ve outlined the basic elements of a solid crisis communications plan to help you get started just in case you ever need it.

What could go wrong?

Some crises can’t be predicted, but many can. Begin by doing a “vulnerability audit” on your company. Talk with everyone from your entry-level developers to your CTO, and ask them what could possibly go wrong. Once you have a list of seven to 10 potential events, think through how these scenarios could play out. Prepare general talking points around each topic that can be used regardless of the situational details.

For example, every cloud-based app company should know how to talk about their commitment to user security and privacy. This will form the building blocks for your response in the event of a data breach.

When to act?

When formulating your plan, consider a checklist-based, protocol format so your team has a clear set of steps to follow. The goal is to act quickly by following a logical order of tasks and responses during what could be a very emotional time.

The first order of business will be contacting your shareholders. Depending on how contained the crisis is, the media could be knocking at your door within a matter of minutes. However, before making any public statements, you must inform those who are most affected by the situation. In the case of a true emergency, law enforcement and regulatory bodies should be contacted immediately. Generally, your own upper-level managers and employees should be near the very top of the list, since they will be a part of your response efforts. Never announce something to the media before sharing it with your key stakeholders first. Take the opportunity to present your side of the story and prime them for what’s to come. Establishing a dynamic communication channel will ensure that you can route updated information to employees as it becomes available.

Who will speak?

When a crisis hits, the last thing you want is to be scrambling over who should talk to the media. Dealing with the press and addressing the public requires skill and practice, so choose a spokesperson early and wisely.

All other staff, board and committee members should be helpful to the media by connecting them with the spokesperson for further information.

Have the spokesperson hone their interviewing technique by rehearsing a strong opening and the company’s key messages and learning how to effectively bridge, deflect and block. Set up a video camera so the spokesperson can practice in privacy, and if you think additional support is needed, consider hiring a company that specializes in interview and public speaking training.

How to respond?

Once you have your spokesperson lined up, how exactly should they respond to the media?

Do’s: It all starts with messaging. Expand on your situational talking points by crafting a well-prepared elevator speech that describes what you do well, incorporating your company values, beliefs, commitments and mission.

For example, in the event of a wide-scale identity theft at a major credit card company, messages like this resonate: “Protecting the privacy of our customers’ personal information is a top priority.”

It’s also important to remain honest and also to have a talking point or two about what the company will learn from the situation at-hand.

Don’ts: Never speculate. Stick to facts. Don’t be afraid to respectfully redirect a question. For example, if a reporter says, “I understand this may have been an inside job,” don’t fall for it. Simply restate the facts and your key messages. “We know that some 100,000 records were comprised. Our investigation is underway and we are fully cooperating with the FBI.”

“No comment” is never acceptable. It looks like you have something to hide. If the question cannot be answered due to a corporate policy (such as sharing personnel information) let the inquirer know that.

Why bother?

What are the consequences of a botched crisis response? I think Samsung has shown us what can be lost in the fallout of an extreme crisis situation, but the importance of positive media relations, both in crisis mode and everyday communications, cannot be overstated.

In a previous life, I had a job as marketing director, and my boss, the VP of the division, took a decidedly opposite approach to crisis communication. He believed the best way to deal with the media was to tell them nothing. He shunned them, stalled, refused to answer questions, and hoped the problem would go away. This bred distrust and made the media want to dig deeper. It also damaged our ability to get positive press coverage. When a crisis did hit, the media knew they wouldn’t have a cooperative official source, so they went to unofficial sources for the story. The damage was magnified significantly because the facts weren’t straight and the corporate messaging was never delivered.

The lesson? Whether it’s positive or negative press, provide the media with information that enables them to do their jobs and positions your company as helpful, transparent, responsive, solution-oriented and trusted. If your crisis management plan is your insurance, then consider friendly media relationships another form of reputational currency. Believe me: when all hell breaks loose, you will be thankful to have some good karma in the bank.