Think back to the last time your organization ran into an ugly situation that was resolved before it became an actual crisis. When things died down did everyone breathe a big sigh of relief and head back to work, or did you stop to ask yourselves “How could we prevent this next time?”. Chances are you did the former, and that’s a problem. Quite often when we’re brought in to help with response to a breaking crisis we’re told that something similar happened weeks, months, or even years before and managed to stay under the radar. But, instead of looking back to see how the issue could have been prevented in the first place and making necessary changes to policy, procedure, or training, everyone was so glad it was over that they sort of…forgot.

Any time you encounter an unsatisfactory situation, whether it’s on the scale of a small influx of negative reviews or a massive public protest, ask yourself “How could we prevent this next time?”. You can’t avoid every crisis, but if you encounter the same one twice and haven’t prepared then you’re making a conscious choice to take more damage than necessary.

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Jonathan | Connect with Erik

Time to change your Twitter passwords! A warning that all users should change their passwords came from Twitter itself after it was revealed that user passwords were stored unencrypted on company servers. Though at this time there’s no indication your passwords were shared with anyone outside of Twitter, employees did have access to these unencrypted keys.

Twitter did apologize, and though we would’ve liked to see compassion included a bit earlier in the message it’s not a bad piece of crisis communications:

When you set a password for your Twitter account, we use technology that masks it so no one at the company can see it. We recently identified a bug that stored passwords unmasked in an internal log. We have fixed the bug, and our investigation shows no indication of breach or misuse by anyone.

Out of an abundance of caution, we ask that you consider changing your password on all services where you’ve used this password. You can change your Twitter password anytime by going to the password settings page.

About The Bug

We mask passwords through a process called hashing using a function known as bcrypt, which replaces the actual password with a random set of numbers and letters that are stored in Twitter’s system. This allows our systems to validate your account credentials without revealing your password. This is an industry standard.

Due to a bug, passwords were written to an internal log before completing the hashing process. We found this error ourselves, removed the passwords, and are implementing plans to prevent this bug from happening again.

Tips on Account Security

Again, although we have no reason to believe password information ever left Twitter’s systems or was misused by anyone, there are a few steps you can take to help us keep your account safe:

1. Change your password on Twitter and on any other service where you may have used the same password.
2. Use a strong password that you don’t reuse on other websites.
3. Enable login verification, also known as two factor authentication. This is the single best action you can take to increase your account security.
4. Use a password manager to make sure you’re using strong, unique passwords everywhere.

We are very sorry this happened. We recognize and appreciate the trust you place in us, and are committed to earning that trust every day.

Having a data breach falls firmly into the “predictable crisis” category for any business today, which brings me to a question – when’s the last time you went through a tested your own ability to respond to the predictable crises that threaten your operations? In a world where responding quickly is critical, you lose valuable time scrambling to create a response after the fact. Know your risk factors, be prepared, and deploy as needed.

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Jonathan | Connect with Erik

We see one simple fact overlooked often in crisis planning – you can’t divert 100% of your assets to recover from an issue when there’s still a business to run. This video from Rave Mobile Safety looks at telling stats about how prepared organizations really are for crisis management, and how many would truly be able to weather a storm without letting day-to-day operations slip.

Too often organizations assume they’ll be able to maintain operations and manage an ugly situation when the reality is the folks in critical roles are often already stretched too thin. Leveraging technology and careful planning, along with actually practicing use of both, is critical to surviving the inevitable negativity every organization encounters at one time or another.

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Jonathan | Connect with Erik

[Editor’s note: Thank you to Kamy Anderson for sharing this post about the importance of regularly reviewing your business continuity plans.]

A business continuity plan is a must-have in today’s ever changing and volatile market. A carefully and strategically devised business continuity plan has one sole purpose – to ensure your company’s continued existence, even after facing a disaster or major disruption.

It is important to note, that such a plan is not set in stone. It should be reviewed and modified accordingly. However, since it may be challenging to do so on a busy schedule, it is important to know the hows and whens.

Let’s see how a learning management system can help you regularly review your business continuity plan, and when the right time to review it is.

Why You Need to Review Your Business Continuity Plan

Now that we’ve explained why it’s important to have one, we will go over why you need to review your business continuity plan. First of all, in order to be considered a business plan, any plan has to be kept up-to-date and work reliably, and the BCP is no different.

When you decide to review your business plan, you first need to make sure that both of these points are properly addressed. .

To make an efficient plan you also have to assess the various risks. The general business operation risk category consists of market, industry and environmental changes. Here are the most common ones to pay attention to:

1. The competition has entered the market with a better product or service than yours, and at a lover price
2. Your target audience’s focus and needs have shifted to another product or service, which may not be better than yours, but has features or functionality that yours doesn’t.
3. There is an imminent cyber threat which may affect your business or your clients.
4. You are operating in a country with an unstable political climate.
5. You are dealing with hazardous materials and/or chemicals.
6. There is a risk of an epidemic illness breaking out in the country where your offices are.
7. A key employee decides to leave the company, or dies unexpectedly.

These are just some of the risks that every business may have to deal with. It is important to pinpoint the risks that are specific to your business operation and incorporate strategies to deal with them if they become reality. All of these risks can also change over time, making your plan obsolete and ineffective. Thus, the BCP review becomes a standard and must-have procedure. And it seems that this becomes a trend in the SMBs ecosystem.

When to Review your Business Continuity Plan

Now that you know why it is important to review your BCP, let’s see when you should do it. As you might have guessed, the review process can eat up a big chunk of your and everyone else’s time. This is why it is important to learn when to review it.

The first indicator that tells you to assess the reliability of your BCP are changes to the way your company operates. Every time you change something, whether it is for internal or external reasons, you should revisit your BCP. What are these changes we are talking about? Here are the few examples:

1. If you decide to launch a new product or service.
2. If you decide to implement new software, technology, or hardware.
3. If you move to another location.
4. If you decide to penetrate a new market.
5. If any of the departments change priority levels, for instance functionality before the design.

Now that we’ve covered changes in company operations, we should address changes to the people in your business. These changes also present a certain risk to your business operation, so let’s see which ones necessitate an immediate BCP review:

1. If you, for any reason, lose key staff (for instance department managers).
2. If you hire a batch of new employees.
3. If you experience a PR crisis.
4. If you have to change the responsibilities of your staff.
5. If you dispatch your staff to a new business location.
6. If the skillset of your staff becomes obsolete and they are unable to meet the new business operation requirements regarding policies and procedures.

Best Post-Review Policy

Starting with your business continuity planning team, everyone in your company should be on board with the procedures and policies it contains. In addition to identifying new risks, reviewing the plan and updating it, you should also make sure to notify the stakeholders about the latest changes.

You never know when you will need to put this plan into action. This is why the key people in your company should be informed of its location and how they can access it. If you want to minimize the risk of confusion, make sure that you keep only the latest, updated version of your BCP. If you have printed old versions of the BCP, be sure to discard them.

And lastly, you should put your new BCP to the test. You have to make sure that it works before you adopt it as an official BCP document. Review each procedure, asset and resource that is crucial for the success of BCP and make sure that you didn’t make any oversights.

How Can a Learning Management System Help

Since BCP is a document containing valuable information, you should definitely consider using it as training material. Keeping the key people and other employees in the loop with the latest changes can quickly turn into a daunting task. This is why more and more business leverage the power of a learning management system to distribute information that is crucial for business success.

By using online eLearning software, powered by the latest learning management system, you can streamline the majority of the efforts surrounding the BCP review, update and information distribution. In addition, your BCP will be kept on a remote and safe location, accessible from any location and device.

Thanks to the revision history and notification system, you will be able to keep everyone responsible in the loop, with as little effort as possible. Not to mention that you can continue to use the learning management system to organize continuous training and learning opportunities for your staff.

Start Your Review Before It’s Late

The business continuity plan is a must-have strategy for businesses in all industries. Hopefully we have helped you understand the importance of devising one and when to review it. Also, you could see that the writing, reviewing and distribution of a BCP becomes an easy and less risky activity if you do it with the assistance of a learning management system.

Kamy Anderson is an ed-tech enthusiast with a passion for writing on emerging technologies in the areas of corporate training and education. He is an expert in learning management system & elearning authoring tools – currently associated with ProProfs.

 

 

Cyber crimes are one of the leading causes of modern crises

Cyber crimes come in many shapes, including data theft, ransomware, or insider leaks, and impact targets spanning from single individuals to the largest corporations on the planet. The folks at the Best VPNs Blog shared an infographic, titled “77 Facts About Cyber Crimes One Should Know in 2018” that shares a massive amount of data, including this look back at the most dangerous and impactful cyber crimes of the past year:

For the full infographic and more intriguing stats about cybercrimes you should know in 2018, visit the Best VPNs blog by clicking here.

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Jonathan | Connect with Erik

So Alexa decided to laugh randomly while I was in the kitchen. Freaked @SnootyJuicer and I out. I thought a kid was laughing behind me. pic.twitter.com/6dblzkiQHp

— CaptHandlebar (@CaptHandlebar) February 23, 2018

The latest story to catch the attention of the internet is one of creepy and unexpected laughter coming from Alexa-enabled devices. Videos like the one above popped up on Twitter and Reddit, among others, and sparked thousands of shares and a drawing an awful lot of attention. While this isn’t exactly a crisis, some of the discussion did to veer into the potential risks of “always listening” devices – a topic Amazon and manufacturers of said devices would probably rather avoid!

Rumor and innuendo can quickly create major issues for you, which is why it’s smart to stop even the seemingly-innocuous ones in their tracks. Amazon knows this, and quickly released a statement clarifying what was happening, telling reporters that, “In rare circumstances, Alexa can mistakenly hear the phrase “Alexa, laugh.” We are changing that phrase to be “Alexa, can you laugh?” which is less likely to have false positives, and we are disabling the short utterance “Alexa, laugh.” We are also changing Alexa’s response from simply laughter to “Sure, I can laugh” followed by laughter.”

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Jonathan | Connect with Erik

 

Fake tweets. They’re easy to create, look 100% real, and are one of the easiest ways to stir up trouble for just about any target you can think of. Take this story, from a Politifact article:

As the Dow Jones plunged Feb. 5, not long after President Donald Trump boasted about the stock market gains, a fake Trump tweet surfaced in which he vowed that such a drop in the “Dow Joans” should result in the president being shot out of a cannon into the sun.

Though it was a hoax, that didn’t stop the Twitterverse from going nuts over it.

At 4:38 p.m. Feb. 15, Shaun Usher, who lives in Manchester, England and author of the Letters of Note website, wrote on Twitter:

“There’s *always* a tweet,” and then linked to a supposed Trump tweet from Feb. 15, 2015:

“If the Dow Joans ever falls more than 1000 ‘points’ in a Single Day the sitting president should be ‘loaded’ into a very big cannon and Shot into the sun at TREMENDOUS SPEED! No excuses!”

The current political climate has drawn a number of fake social media messages which gained traction, but this problem is hardly limited to politics. Take a second to consider what type of fake social media posts someone might spread from what appears to be your company accounts. Or, how about your own personal accounts? Compound this with the fact that these fake messages are easy to create and share anonymously and you start to see what a scary situation they can cause.

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Jonathan | Connect with Erik

 

What do you do when market research presents you with an unfortunate reality? Perhaps the reality that customers who used to flock to your tables don’t like what you’ve become? If you’re Carraba’s you make lemons into lemonade, and put out a message letting people know they’ve been heard. Any time you fall on the wrong side of stakeholder’s expectations they want to know three things – what happened, that understand why they’re unhappy, and what exactly you’re going to do to set things right. Answer those three and generally you’ll have a solid message that can often serve as the base for a great direct marketing piece as well.

——————————-
For more resources, see the Free Management Library topic: Crisis Management
——————————-

[Jonathan Bernstein is president of Bernstein Crisis Management, Inc., an international crisis management consultancy, author of Manager’s Guide to Crisis Management and Keeping the Wolves at Bay – Media Training. Erik Bernstein is vice president for the firm, and also editor of its newsletter, Crisis Manager]

We love to connect with readers on LinkedIn! Connect with Jonathan | Connect with Erik

These days it can feel more like “guilty until proven innocent” than the opposite. And, if you wind up on the wrong side of public opinion you can bet the media’s been involved. While interactions with members of the media don’t necessarily need to be hostile, when you’re knee-deep in crisis most reporters are looking for a dramatic story, not to help you get your message out.

In this classic article, Jonathan Bernstein provides some tips to help you understand what leads to the media putting you on trial, and how you can best handle the situation in order to reduce the impact being painted as the bad guy preemptively can have.

Integrating Public Relations and Legal Strategy: Trial by Media

“Those who cannot remember the past are condemned to repeat it.” The quote is famous for a reason! Plenty of folks have come before you and made mistakes so that you don’t need to. Fortunately, Jonathan Bernstein has laid out a convenient list of the biggest mistakes in crisis communications. Learn them, know them, and avoid repeating history yourself.

The Biggest Mistakes in Crisis Communications

By Jonathan Bernstein

All organizations are vulnerable to crises. You can’t serve any population without being subjected to situations involving lawsuits, accusations of impropriety, sudden changes in ownership or management, and other volatile situations on which your stakeholders — and the media that serves them — often focus.

The cheapest way to turn experience into future profits is to learn from others’ mistakes. With that in mind, I hope that the following examples of inappropriate crisis communications policies, culled from real-life situations, will provide a tongue-in-cheek guide about what NOT to do when your organization is faced with a crisis.

To ensure that your crisis will flourish and grow, you should:

1. Play Ostrich. Hope that no one learns about it. Cater to whoever is advising you to say nothing, do nothing. Assume you’ll have time to react when and if necessary, with little or no preparation time. And while you’re playing ostrich, with your head buried firmly in the sand, don’t think about the part that’s still hanging out.
2. Only Start Work on a Potential Crisis Situation after It’s Public. This is closely related to item 1, of course. Even if you have decided you won’t play ostrich, you can still foster your developing crisis by deciding not to do any advance preparation. Before the situation becomes public, you still have some proactive options available. You could, for example, thrash out and even test some planned key messages, but that would probably mean that you will communicate promptly and credibly when the crisis breaks publicly, and you don’t want to do that, do you? So, in order to allow your crisis to gain a strong foothold in the public’s mind, make sure you address all issues from a defensive posture — something much easier to do when you don’t plan ahead. Shoot from the hip, and give off the cuff, unrehearsed remarks.
3. Let Your Reputation Speak for You. Two words: Arthur Andersen.
4. Treat the Media Like the Enemy. By all means, tell a reporter that you think he/she has done such a bad job of reporting on you that you’ll never talk to him/her again. Or badmouth him/her in a public forum. Send nasty emails. Then sit back and have a good time while:
   • The reporter gets angry and directs that energy into REALLY going after your organization.
   • The reporter laughs at what he/she sees as validation that you’re really up to no good in some way.
5. Get Stuck in Reaction Mode Versus Getting Proactive. A negative story suddenly breaks about your organization, quoting various sources. You respond with a statement. There’s a follow-up story. You make another statement. Suddenly you have a public debate, a lose/lose situation. Good work! Instead of looking look at methods which could turn the situation into one where you initiate activity that precipitates news coverage, putting you in the driver’s seat and letting others react to what you say, you continue to look as if you’re the guilty party defending yourself.
6. Use Language Your Audience Doesn’t Understand. Jargon and arcane acronyms are but two of the ways you can be sure to confuse your audiences, a surefire way to make most crises worse. Let’s check out a few of these taken- from-real-situations gems:
   • I’m proud that my business is ISO 9000 certified.
   • The rate went up 10 basis points.
   • We’re considering development of a SNFF or a CCRC.
   • We ask that you submit exculpatory evidence to the grand jury.
   • The material has less than 0.65 ppm benzene as measured by the TCLP.

   To the average member of the public, and to most of the media who serve them other than specialists in a particular subject, the general reaction to such statements is “HUH?”

7. Don’t Listen to Your Stakeholders. Make sure that all your decisions are based on your best thinking alone. After all, how would your clients/customers, employees, referral sources, investors, industry leaders or other stakeholders feedback be at all useful to determining how to communicate with them?
8. Assume That Truth Will Triumph over All. You have the facts on your side, by golly, and you know the American public will eventually come around and realize that. Disregard the proven concept that perception is as damaging as reality — sometimes more so.
9. Address Only Issues and Ignore Feelings
   • The green goo which spilled on our property is absolutely harmless to humans.
   • Our development plans are all in accordance with appropriate regulations.
   • The lawsuit is totally without merit.

   So what if people are scared? Angry? You’re not a psychologist…right?

10. Make Only Written Statements. Face it, it’s a lot easier to communicate via written statements only. No fear of looking or sounding foolish. Less chance of being misquoted. Sure, it’s impersonal and some people think it means you’re hiding and afraid, but you know they’re wrong and that’s what’s important.
11. Use “Best Guess” Methods of Assessing Damage. “Oh my God, we’re the front page (negative) story, we’re ruined!” Congratulations — you may have just made a mountain out of a molehill….OK, maybe you only made a small building out of a molehill. See item 7, above, for the best source of information on the real impact of a crisis.
12. Do the Same Thing Over and Over Again Expecting Different Results. The last time you had negative news coverage you just ignored media calls, perhaps at the advice of legal counsel or simply because you felt that no matter what you said, the media would get it wrong. The result was a lot of concern amongst all of your audiences, internal and external, and the aftermath took quite a while to fade away. So, the next time you have a crisis, you’re going to do the same thing, right? Because “stuff happens” and you can’t improve the situation by attempting to improve communications… can you?