Category: Organization Development

Incredible example of media prowess from a five year old

While media training can make anyone better at speaking to the press, some people are just naturals, even at the age of five. If you haven’t seen the viral video of a young boy absolutely dominating an interview with his local news channel, have a watch:

Besides being ridiculously cute, this kid showed some serious media chops.

– Voice: You heard every single word he said, VERY clearly.

– Eyes: He makes eye contact with the reporter and eye contact with his audience through the camera when delivering his message.

– Body language: Even though he’s “never been on live television before”, the youngster’s body language doesn’t show anything but sheer confidence. He stands tall and balanced, uses his arms appropriately to help convey his points when appropriate and lets them hang to his sides comfortably when not.

– No distractions: Surrounded by a county fair and with other kids vying for some camera time, he never flinches, turns around, or shows any sign of being distracted from communicating.

Of course you don’t have to be a natural to do media interviews right. Practice, and learning from people with good technique (even if they’re five!), can help you learn to represent yourself or your organization when it’s time to step in front of a camera.

One note of caution, however. Do NOT assume that just because you’re comfortable speaking in front of a large, live audience, do not assume that will translate well to looking good on camera. Only testing your skills while being video recorded in conditions ranging from friendly to hostile interviews will give you an accurate assessment.

Strong statement to kick things off, but it was missing something

Home Depot may be joining the ranks of Target, P.F. Changs, and many others after announcing that it is looking into “unusual activity” involves the security of its data. While we give them due credit for not sitting mum on the topic, and coming off as very confident in their statement, as happens so often this one was missing a critical ingredient – compassion.

Here’s what the retailer told Krebs on Security, the site that broke the story:

“I can confirm we are looking into some unusual activity and we are working with our banking partners and law enforcement to investigate,” Drake said, reading from a prepared statement. “Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers. If we confirm that a breach has a occurred, we will make sure customers are notified immediately. Right now, for security reasons, it would be inappropriate for us to speculate further – but we will provide further information as soon as possible.”

Effective crisis communications is very much about putting yourself in the audience’s shoes, thinking “what would I want to hear in this situation?” Besides the obvious – what’s happening and what are you doing about it – people want to know that you care, and you do that by showing compassion. This isn’t a total flop for Home Depot, but when the trust of your stakeholders is on the line isn’t it important to ensure your messaging is as effective as possible?

[From the Ed: We’re happy to share the following guest article from Hungarian crisis communications expert Kornel Bohm.]

Choosing the right crisis communication strategy

An intense situation, like a crisis, is accompanied by extreme emotions, and frustration, confusion, lethargy, fury, or even shame or a thirst for revenge – just to mention the most common ones – can get the better of the company and its individual members. It is the task of us, crisis-communication professionals, to choose jointly with the client the right communication strategy in the very first moments of distress in order to handle the situation.

To illustrate the type of strategies that can be selected we tend to use an easily comprehensible and tangible example, termed as the theory of the blank flag. Its most important value is to make the owner or company management recognise the difference between the eligible strategies and their various nuances. The efficiency, success or failure of the entire crisis communication can depend on these slight differences!

As a first step we generally suggest that the client imagine crisis communication as a blank, white flag. There’s nothing on it: neither colour, nor form – it can be turned into anything. You can immediately hold up one of these flags and the message will be evident and clear to all: we are casting our weapons away, we surrender and would like to apologise for everything. Holding up a blank, white flag can be a responsible choice as the possible and legitimate answer to a given situation of crisis. It is the strategy of assuming all responsibility, handing over control and taking a passive stance. Crisis communication in these instances begins with a prompt and sincere apology, continues by involving the authorities, and closes with the humble compliance to the official decree. It is only after this that the slow and painful process of reconstruction, of regaining the brand’s reputation can be even considered.

Let us now repaint this white flag! Paint it jet black. Being a conventional symbol, this too is comprehensible and plain to see: the colour of mourning. The colour of defeat and death. The winding-up of a business is often linked to the laissez-faire policy, the lack of navigation or even resignation and withdrawal. At times – not even that rarely – an organisation in crisis can decide in favour of liquidation or the withdrawal of a brand, or in the case of individuals, resigning from a post and disappearing from the public eye. In these cases no rebuilding can take place, and the possibility of resurrection remains close to zero. The only target that can be set is to preserve as much dignity as possible, and exit the scene with head held high.

In the former cases we acted passive but there are more options to come. Let’s switch to a more proactive behaviour that demands tougher action. Draw with your fingers on the black flag, as on a piece of sooty paper, two bones and a skull. Yes, that’s right; we have made a pirate flag. Once again the strategy is obvious: ready to leap into fight, we are picking up the gauntlet, prepared for combat. Naturally, fighting entails victims and blood but in this case we don’t want to be passive spectators or the self-sacrificing victims of the divulged situation. There is of course no battle without blood or sacrifice, though in this case we have no intention of being either passive onlookers or sacrificing ourselves for the unfolding events. Hoisting the pirates’ flag signals a determined fight, in which practically all means can be employed, both above and below the line. A desperate fighter won’t recoil from talks behind the scenes, providing the media with background information, throwing in a new agenda, bluffing or even protracted litigation. That is, everything that holds out hope for defeating the opposing parties is on the cards. Naturally, this choice of strategy can lead to a serious loss of good reputation, and, having a war at stake, the result is risky too. A keen battle may not make the company or brand too popular; nonetheless, the purpose of its crisis communication may be the minimizing of losses or the destroying of the attacker’s arguments despite the potential casualties.

What else can we be holding in reserve? It would be a good idea to set up a strategy based also on active participation but more moderate in its bellicose elements. Let’s think of a flag that synthesises the above tactics and, making use of them, creates a new, harmonious entity. This flag, drawn also in black and white, features an ancient Chinese system of symbols: that of yin and yang. Nothing expresses better the co-dependence, the symbiosis of the tactics and strategic moves, than this magical, simple form, embodying the universe (and of course not only crisis communication). Our yin-yang flag can comprise sincere apology and the facing up to responsibilities as part of the crisis handling. It is also feasible that, realizing our defeat, we decide on taking leave for good, with head held high – if possible. But in the spirit of yin yang we can also adopt and integrate elements of combat because there is a time for trench warfare, for dogged armament. This, fourth approach, creates therefore a synthesis of the possible choices. In the course of long-term crisis management we are almost bound to resort to certain elements of the yin yang strategy.

Although the obvious choice may seem to lend itself, we don’t automatically suggest the last approach. In our view the four “flags” are equal. Each of them could result in a legitimate and good decision, depending on the situation. The blank flag theory serves to provide a figurative and clear outline of the potential courses, thus giving clients the opportunity to make a rational decision when choosing a strategy.

Finally, another thought or even a new flag. We have alluded several times to the fact that crisis management and within that crisis communication often indicate a long-term process. Only the slow regaining of a company or individual’s good name, taking years for the most part, can mean the finishing straight. Once this has been seen to then the black and white checked flag appears, bringing the completion to an end. This is when champagne can be opened and glasses clinked in celebration of work done well.

Kornel Bohm
crisis communication expert, founder of Spindoc Communications Network, Hungary
Contact information: spindoc@spindoc.hu, www.spindoc.hu

Like it or not, you will be held accountable for your actions

The Internet has established a whole new level of accountability for major organizations. Which facts and figures see the light of day are no longer controlled by the companies involved, nor are they buried deep in financial journals your average person will never come across. Now, they’re published on highly visible, heavily trafficked websites and social media platforms around the ‘net.

This month, SourceWatch, a wiki entirely aimed at keeping corporations accountable for sticking to their stated ideals. went after an organization that talks a big game but is rather murky when it comes to explaining just how it lives up to its promises – Walmart. Here are a few of the facts dug up and published on the site:

The Economic Policy Institute estimates that Walmart was responsible for $27 billion in U.S. imports from China in 2006 and the company’s imports between 2001 and 2006 led to the elimination of 200,000 U.S. jobs. Walmart continues to be the largest importer of goods in the United States, accounting for 1 in every 25 shipping containers brought into the country. Of the 1 million manufacturing jobs Walmart has said it will help create in the next decade, just over 2,000 were created in the first year – equivalent to 0.2% of the company’s commitment.

Since 2005 – the year the company launched its “sustainability” campaign, Walmart’s self-reported greenhouse gas emissions have grown 14%. According to the Sierra Club, each of Walmart’s 3,200 supercenters uses as much energy each day as nearly 1,100 homes.

In May 2013, Walmart announced a new initiative to offer jobs to veterans. The company later clarified with the New York Times that they could not guarantee that these jobs would be full-time. At the same time, Walmart will receive up to $9,600 in tax credits for each hired veteran, and has hired a recruitment process provider to screen veteran applications and determine the potential value of tax credits associated with each applicant.

Of course Walmart is far from the only business that’s failing to live up to the lofty promises it’s made to placate critics or satisfy stakeholders, and Sourcewatch, and similar sites around the web, aren’t afraid to take them to task in a big way. From stoking negative sentiment to landing front-page search results that harm the companies named, these sites are taking dirty laundry out of the back room and putting it right where everyone can see.

The way to avoid trouble like this is simple – walk your talk. If you strive to live up to your promises, and share what’s happened if you find you can’t, your reputation will be free to flourish. Say one thing and do another, however, and there’s a good chance you could wind up the center of the wrong kind of attention.

When millions of patients have data stolen investors are not your primary audience

There’s no better proof that cyber crises are on the rise than the recent series of posts on this blog, starting with the discovery of a cache of 1.2 million stolen login credentials, followed by the Homeland Security breach exposing personal information on 25,000+ government workers, and now this one, discussing the revelation of an absolutely massive data breach that’s put 4.5 million patient records in the hands of criminals.

CNN reports:

Community Health Systems, which operates 206 hospitals across the United States, announced on Monday that hackers recently broke into its computers and stole data on 4.5 million patients.

Hackers have gained access to their names, Social Security numbers, physical addresses, birthdays and telephone numbers.

Anyone who received treatment from a physician’s office tied to a network-owned hospital in the last five years — or was merely referred there by an outside doctor — is affected.

The specific data involved means every person affected is at high risk for identity fraud, and means that not only can attorney generals from affected states sue, but also the patients themselves.

Community Health Systems is clamming up, with nothing on its website or in its press room to indicate there’s a crisis in progress at all. The one statement it has issued came in the form of a filing with the SEC, making clear that the only audience the organization is concerned about is its shareholders.

The Company has confirmed that this data did not include patient credit card, medical or clinical information; the data is, however, considered protected under the Health Insurance Portability and Accountability Act (“HIPAA”) because it includes patient names, addresses, birthdates, telephone numbers and social security numbers. The Company is providing appropriate notification to affected patients and regulatory agencies as required by federal and state law. The Company will also be offering identity theft protection services to individuals affected by this attack. The Company carries cyber/privacy liability insurance to protect it against certain losses related to matters of this nature. While this matter may result in remediation expenses, regulatory inquiries, litigation and other liabilities, at this time, the Company does not believe this incident will have a material adverse effect on its business or financial results.

Speaking only to investors and neglecting the concerns of the affected patients is a foolish move, but not one that’s entirely unusual coming from a sector that’s been slow to adjust to modern crisis management.

In all honesty, we would guess that data breach fatigue will prevent a major public uproar over this incident, but that doesn’t mean Community Health Systems won’t be at serious risk of taking financial damage from a deluge of lawsuits, or being tangled up in several years’ worth of legal procedures, once the hackers start making use of the stolen data. Compounding the situation is the organization’s failure to show any care or compassion for the patients affected, something that’s sure to leave them feeling less than sympathetic.

At this point it’s not a question of if you’ll have a data crisis, but when. While you can’t always prevent determined hackers from doing what they will, the better your preparation is, the more damage will be minimized, and the better your reputation, and bottom line, will come out in the end.

Cyber criminals can strike your organization without ever touching your systems directly

Earlier this month, the U.S. Department of Homeland Security announced a hack targeting a contractor who performs many of its background checks that exposed the data of at least 25,000 government workers.

Among the stolen data is a bevy of highly personal and confidential data, especially concerning since signs point to this being an attack by an enemy nation-state.

The Washington Post’s Ellen Nakashima was one of the first to share details:

The (background check) company, USIS, said in a statement that the intrusion “has all the markings of a state-sponsored attack.”

The breach, discovered recently, prompted DHS to suspend all work with USIS as the FBI launches an investigation. It is unclear how many employees were affected, but officials said they believe the breach did not affect employees outside the department. Still, the Office of Personnel Management has also suspended work with the company “out of an abundance of caution,” a senior administration official said.

“Our forensic analysis has concluded that some DHS personnel may have been affected, and DHS has notified its entire workforce” of the breach, department spokesman Peter Boogaard said. “We are committed to ensuring our employees’ privacy and are taking steps to protect it.”

More than anything, this incident raises red flags about the crises that can occur even if your own systems are sufficiently secured.

The question you need to ask yourself is, “am I devoting even a small percentage of the time cyber criminals are putting towards taking my data to actually protecting it?”

If the answer’s no, well, you’re asking for trouble.

Businesses large and small were targets of data theft

It seems every time we hear about a record-setting cyber crime, news of an even bigger one rolls around the corner. Cue the latest revelation – that a collection of stolen Internet credentials, including some 1.2 billion username/password combinations and more than 500 million email addresses, has been found in the ownership of a Russian crime ring.

The NY Times’ Nicole Perlroth and David Gelles report:

The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.

Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable. At the request of The New York Times, a security expert not affiliated with Hold Security analyzed the database of stolen credentials and confirmed it was authentic. Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information.

“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” said Alex Holden, the founder and chief information security officer of Hold Security. “And most of these sites are still vulnerable.”

Despite the massive numbers involved, the most interesting part of this case is contained in the last lines of the quote. Most of the hacks we have seen over the past couple years have been targeted solely at large organizations and their customers, overshadowing the fact that small businesses are at risk as well.

Whatever your organization does, whatever it’s size, these days it’s guaranteed that you’re making use of the ‘net to store a great deal of data you do NOT want criminals to get their hands on. Do your best to secure your systems, and prepare crisis management plans in case you’re outfoxed, because as long as cyber crime continues to be profitable, nobody is safe.

Are you ready for a disruption in your food and water supply?

Experts say your disaster crisis management should include stocking at least one full week’s worth of food and water for each person in a household, but even in earthquake-prone California where we’re based it’s a rarity to see anyone who is properly prepared.

Early this month, residents of Toldeo, Ohio and surrounding areas were left in a lurch when their tap water was declared undrinkable due to a algae bloom in nearby Lake Erie that resulted in the presence of microcystin, a toxin that causes nausea and impair liver function in humans, and can be fatal to animals and plant life. Compounding the situation was the fact that boiling water containing microsystin would not make it safe, but actually concentrate the toxin further.

Although the state, National Guard, and major grocery chains did their best to bring as much fresh water as possible to residents, LA Times coverage illustrated how tense the situation was for those affected:

As truckloads of water came in from across the state, Toledo leaders set up distribution centers at schools around the city, limiting families to one case of bottled water each, AP reported.

Sam Melden, a native of West Toledo, told The Times he rushed to the nearest supply store around 9 a.m., only to find the shelves virtually barren.

“Costco was like a war zone, and they were limiting to like five cases,” he said.

Melden, who lives with his wife and two young daughters, and many of his neighbors were facing daunting trips out of town once they realized that local supplies were running short.

No matter how safe you think you are from disaster, reality is circumstances, both natural and man-made, can result in you and your family being be cut off from food and water for an extended period of time. Stocking a week’s worth of water and high-calorie, low-spoilage items like meal bars, dried fruit, canned soups, vegetables and meats is fairly inexpensive, and could mean anything from making you a bit more comfortable to literally saving your life, so what are you waiting for?

Are you positioned to stay ahead of damaging rumor, innuendo, and outright lies?

Considering not only his position as a key politician on the world stage for decades, but also his leadership through World War II’s propaganda battles and spy games, we feel Winston Churchill is more than qualified to speak on the subject of dishonesty. A hat tip to you, Sir Winston, as we dive into this week’s Crisis Management Quotable:

A lie gets halfway around the world before the truth has a chance to get its pants on. – Winston Churchill

It’s no secret that rumor and innuendo manages to travel incredibly quickly when it comes to crises. After all, it’s often juicy and entertaining, which gives people something to talk about. Of course, today the ‘net has enhanced the ability of incorrect information to spread that to a level Churchill never could have imagined, making the risks even greater than they were in his day.

We always counsel clients to get their story out first, before the opposition (or random bored strangers online) start pumping out juicy lies instead. Getting ahead of the lies and becoming the “go-to” source of information makes crisis management much easier to conduct because you’ve taken greater control of the narrative. Lag behind, let the lies take hold, and you’re going to have a difficult time convincing people that you’re the one telling the truth.

Don’t follow temptation into disaster

Although our threshhold for outrage over unethical behavior is being pushed on a daily basis, the fact remains that doing “the right thing” is still an important aspect of crisis prevention.

Why should your business be driven by anything other than making as much money as humanly possible? Vuma Reputation Management’s Janine Hills addressed this point in a recent blog post, sharing the wisdom below:

Nowadays, communications flow faster and farther and people have changed, moving from being CONsumers to PROsumers with far more influence than ever before.

PROsumers transformed from being professional consumers to product and brand advocates. Rather than simply consuming products, people are becoming the voices of those products and have the power to significantly impact the success or failure of companies, products, and brands.

Hills says, “These changes affect most aspects of how and with whom we do business, and corporations need to understand, if they want to remain in business in the 21st century, they will have to be ethical in all their dealings.”

Stakeholders don’t want to put themselves out as the voice of a brand they see as unethical. Not only do they not want to support behavior they don’t approve of, but nobody wants to be associated with “the bad guy”. Cutting ethical corners can be appealing, especially when it means you can significantly boost sales or reduce expenses, but in the long run it will come back to hurt you.

Even if you’re not guided by a moral compass, realize this – unethical behavior will put you in crisis, and crises will cost you. Keep that in mind, and suddenly any transgression looks a whole lot less tempting.