Crisis Management Needs a Hack

Last week in Singapore, a “software bug” caused the details of more than 280 customers of a reputable airline to be leaked to other customers. This is the first public digital incident in the country for the new year, and it adds to a string of high-profile digital security incidents in 2018.

Aside from the IT gaps, coding and patch-management vulnerabilities and weak password protocols, we learned that the handling of human-to-human communication is a vital skill in the CDO’s arsenal of soft skills.

In the most recent case, a casualty of the data leak claimed she received only a “standard email” downplaying the risks, and her membership number was changed without further details. In the end it meant that she could not log in to check which leaked personal details could potentially cause problems. It also implied that she could not book new flights on the airline even if she had wanted to.

In last year’s crisis, a committee of inquiry unearthed many aspects of mismanaged communication in senior management, lack of failsafe reporting frameworks, and even in the face of discovering the hacking, a lack of timely accountability arising from shortcomings in staff empowerment and morale.

Customer Obsession Equals Communication Obsession

Following the playbook of the corporate communication or branding director (CBO), a CDO in crisis:

• Provides technical updates of the problem to the CBO for public and media engagement
• Oversees urgent closure of the crisis and initiates post-mortem investigations
• Divulges findings to the Board and CBO that can be sanitized and pitched to the authorities and to the public and media with minimal brand damage and maximum service recovery

It would be natural to assume that CBO bears the brunt of the communication duties to allay public complaints and media “circus-ing”. The CDO should only do what a CDO does – handle the problem and its aftermath, right? Maybe this worked five years ago, but in today’s fast and furious socially-networked world such silo mentality may lead to unintended consequences.

What lessons can be gleaned from the recent digital incidents? In the most recent case, a standard (non-personalized) email was sent in a downplaying tone. It also did not cover all the bases for the affected customer.

In other cases, the affected organization did not divulge the gravity of the incident until weeks later. In the case of recent flight delays in a budget airline, the compensatory measures were issued in a take-it-or-leave it manner. One of the affected customers, Stacy Wong, mentioned in the media that the airline did not stick to briefing timings, and she reiterated that “communication and compassion are key when there are extensive flight delays.”

Just as the power of social media can wreck an established brand in mere weeks after a public relations disaster, so too can organizations leverage on social media communication to contain reputational damage and gain empathy from netizens. The key is to play safe with obsessive, forthright communication rather than to be seen as downplaying, under-communicating, evading and obfuscating.

Disrupting with Honesty

Every organization that suffered serious crises in the past year were counseled by top-name firms and had the best-practice playbook and resources to guide their response. Yet, the social media metrics showed disapproval and loss of trust. Here are some lessons CDOs can learn:

1. Risk mitigation and damage compensation measures have been questioned by customers simply because they came on a one-size-fits-all platter. Properly planned service recovery, even when drafted in a rush, must always offer choice, personalization and acceptable trade-offs for affected customers to weigh and consider.
2. Internal and external communication protocols were slow and fragmented, leading to an unsatisfactory frequency of updates to the public. Where public communication was at times frequent, it often seemed contrived, evasive or, as some social media observers noted, phrased in “standard PR parlance” meant only to buy time. Arguably, any lack of service recovery can and will lead to irrational customer behavior on social media channels.
3. The communication of unfolding crises often exhibited a silo-effect in which technical information was dumbed-down by communication practitioners in a way that today’s connected social media community does not take well. Instances of over-simplification, over-generalization or vague catchphrases, even deemed applicable just a decade ago, are now just fodder for social media literati to conjure conspiracy theories and fake news with. In truth, today’s CDOs and those in similar capacities, need to work with communication chiefs to engage the public at different levels of transparency and technical parlance to widen the communication net, even if it means opening the crisis up to even more post-mortem scrutiny. If the organization involved does not want to, and cannot handle the whole truth, be prepared for possible exposés in the aftermath that could be worse than the original crisis.
4. Best practice dictates that no time should be wasted on witch-hunts and finger-pointing during the course of a crisis that has not been deemed over. Yet, the reality of the social media age is that the public expects corporates to try and shield people in power. CDOs must be cognizant of this phenomenon and coordinate CBO efforts at all fronts to project transparency. Most importantly, the results of the investigation should be visible and enshrined in multifaceted measures and policies to deter, prevent, detect and snub out similar incidents in the future.

In the disruption era, crisis management has to evolve -- fast. Mere technical competence and customer obsession are no longer the only skills required for strong crisis management. The days of smooth PR doubletalk and canned responses no longer cut it. And no, it is not the social media phenomenon that has changed the rules of the game – societal expectations and irrationalities just get expressed more quickly and impactfully now.

At the end of the day, only visible diligence in displaying empathy, humility, honesty and timeliness can salvage corporate reputations. As they say in public relations, optics is everything.