This vendor-written piece has been edited by Executive Networks Media to eliminate product promotion, but readers should note it will likely favour the submitter's approach.
Photo: Brian West. Source: FleishmanHillard
Recent global cyber-attacks have everyone focused on pre-determined 'how to respond' lists and directives in times of crisis; response manuals are built around them. While this form of preparation is a practical and essential part of addressing a problem, it unfortunately focuses company management on simply managing a crisis according to the lists in the manual, rather than leadership at a time of a significant reputational challenge.
The secret to reputation recovery after a crisis involves leaders taking rapid action and then communicating to key stakeholders in an authentic way. Yet in a cyber-attack, the first mistake managers make is thinking of the at-risk or stolen data as belonging to the company rather than to the customers actually affected, thereby approaching the crisis primarily from their own perspective.
As a result, companies delay announcing that they have been breached until they know everything about the breach: when was it, over what time frame, how much data has been stolen, is the data now secure, etc. If delaying until they know everything, though, they will never say anything.
Retail chain Target in the US approached its breach in this manner, delaying its disclosure of the truth and in the process destroying its trust with key stakeholders. They failed to recognise that those whose data has been stolen have a right to know immediately. True leaders understand this, opening the communication early and keeping it going.
When medical insurance company Blue Anthem was hacked in February this year, they seized control of their reputation by announcing the breach immediately and talking about what they were doing to support their customers. The divergent share price movements for Target and Blue Anthem in the aftermath of their respective issues tell the story of who gained trust and who destroyed it.
But more than communicating, leaders also need to be seen to be leading. None have demonstrated their leadership more clearly than Tony Fernandes, head of Air Asia, when one of his company's planes flying from Indonesia crashed into the sea in late December last year and unfortunately took the lives of all 162 people on board. Not only did Tony communicate early and constantly on behalf of the company through regular tweets and authentic language, but he also showed the kind of genuine compassion that marks a true leader in fatal crises.
Tony's tweets – his primary communications medium – were not crafted by lawyers or corporate PR people; instead, he spoke of the anguish for the families of the passengers, the staff and even himself. He was boots-on-ground quickly at Surabaya (from where the flight departed), meeting with families and staff and making himself constantly available to the media – even when he had nothing new to share. He was visibly demonstrating authentic leadership, and he kept communicating.