Posts Tagged ‘crisis management plan’

Preparing for a crisis: webinar presentation now posted

Yesterday I had the privilege of speaking as part of Communicate magazine’s first Shouting With a Whisper webinars, on the topic of crisis preparedness.

For the next few months you’ll be able to view the webinar on demand. Or, if you just want to skim through a half-dozen slides on my bit you can view it below or on Slideshare.

Twelve tips of Christmas: #6 Use the slow period to your advantage (part 2)

In the last post we looked at using the winter slow-down as an opportunity to get your team back on track with their regular crisis management training. However, it’s important that your procedures and processes are also kept current, which is the topic for this post.

Every crisis management plan or manual that we write at Hill & Knowlton has an update register inside the front cover. This is to remind users that a plan is only as good as the information it’s based on. If you let it lapse, or the content is obsolete, then you’re not much better off than if you’d never had it to begin with.

If you already have a crisis management manual for your organisation, now’s an ideal time to get up to date with your housekeeping and give it one of your twice-yearly reviews. Here are a few pointers for things to pay extra attention to:

  • Confirm that the right people are still on your crisis management team. People move on and change roles, so it’s important to make sure you have the right people in your team for the next six months. The new year is a natural time of change, so now’s as good a time as any to review this critical detail. (Year-end is also a common time for appraisals, which means the job description of many deputy/alternate crisis team members may have changed and they may also need replacing)
  • Ensure contact details are accurate. It’s been a tough year and many organisations have seen staff numbers decline. Often, this results in some kind of physical re-shuffling of staff. Make sure that in any relocation your crisis team’s contact details either a) haven’t changed, or b) have been appropriately updated.
  • Call your alternative control centres. Usually these are local hotels with good AV and IT facilities. But while we’re looking at the general corporate slow-down, for industries such as leisure and hospitality this is a peak period. Make sure that those facilities you’re relying on to be there if your business is shut down, will in fact be available to you if you need them. It’s not uncommon for hotels to be fully booked at this time of year.
  • Check your hardware. We say it a lot on this blog, because it is the single most common issue we come across in any crisis simulation – the technology that the team needs to operate effectively just isn’t where it’s supposed to be (or worse, hasn’t been identified). Seriously, it’s a boring exercise, but it needs to be done.
  • Get a fresh pair of eyes on your manual. Our Issues & Crisis team frequently reviews clients’ existing plans just to see if there are any new ideas we can contribute, or glaring omissions we can help correct. It doesn’t take long if your manual is regularly updated, and frequently we find that having someone else look over a document provides the opportunity to improve something, even if it’s only incrementally. A suggestion that will save you half an hour in the midst of a crisis is worth the effort now.

The above tips are a useful starting point for reviewing an existing crisis management plan or communication manual. If you don’t already have one of these in place for your organisation, now’s as good a time as any to start.

Twelve tips of Christmas: #1 Protect your customers

In the lead up to the holiday season we’re rolling out the tried-and-tested “12 days of…” formula for our Hints & Tips posts. As today’s the first of December, it seems like a good time to start, and this story from Australia has provided the inspiration for this morning’s post.

JB Hi-Fi, one of the country’s most popular music and entertainment retailers, was the victim of a server hack. The result: users were reportedly re-directed from the company’s website to Chinese websites loaded with malware (for those non-techies who’ve never been infected, malware is malicious software – it does pretty much what it says on the tin). For this reason we’ve broken with convention and not linked to the site, as we’d hate to be responsible for exacerbating the problem.

In fact, most of the websites mentioned in the article on The Sydney Morning Herald website have experienced malware problems recently, including Whirlpool (a broadband discussion forum), Overclockers Australia (an online community for computer enthusiasts), and OzBargain.com.au (a discount online retailer). Each of these sites is frequented by tech-savvy visitors and in that respect the users are probably lucky in that they’re inherently better prepared for the trauma of a malware attack.

However here in the UK, online shopping is far more prevalent, and far less the domain of technophiles. Online commerce is easier and more pragmatic – products shipping from Birmingham to London arrive more quickly than they do in Sydney, for example, so the lesson for local retailers is clear. Protect your customers.

The holiday season increases the risk of infection many times over for three key reasons. Firstly, more trades will be conducted, so the law of averages says sooner or later someone’s going to get infected. Secondly, occasional users trade more during holidays, so you have a larger population of inexperienced users throwing themselves into the mix. Thirdly, with more trades, and easier victims, it’s a great time for hackers test their skills – it’s an opportunity for big, quick gains.

We’re not technical advisors, so in the first instance, check/flag any issues with your server manager. Send them this link (http://www.smh.com.au/technology/security/jb-hifi-website-served-malware-20091201-k2p3.html) if you need to.

From a crisis management perspective, here are five things you can do this week to help improve your chances of successfully managing a malware attack beyond the technical fix (should you be so unlucky):

Familiarise yourself with the Information Commissioner’s Office. As a regulatory authority it’s there to protect consumers, which means it’s in their best interest to help you do exactly the same. It also means that if you don’t manage a crisis well then you should expect a call, and it’s always better to know who you’ll be dealing with. In the first instance a visit to the Data Protection Act guidelines is a good idea as well. Dry reading, but important.

Increase your online monitoring. The great thing about malware attacks is they spike discussion forum traffic, and this can help you spot a potential issue well before it ever hits your system. So get your digital monitoring team or web agency to work enhancing your monitoring for the next few weeks. Suggested search terms to add (there’ll be plenty of others you can look for, including specific program names): retail, hacking, malware, data theft, data loss, server hack. Please post suggested additions in our Comments section.

Understand what your continuity plan is. In the event that you do experience a malware attack (or any other kind of online crisis really), it’s essential to know if and how this part of your business can continue to function. It’s time to buy your server manager that beer you’ve been meaning to.

Plan your communications in advance. Regardless of the nature of the problem, there aren’t really that many ways it can turn out. Among the most common are likely to be: infecting customers with malware, sharing of customer information, loss of customer information, loss of e-commerce functionality, loss of website. While it’s true that the details may be important on the day, you can save yourself a lot of time by planning in advance how your business is going to respond to each of these scenarios.

Put your crisis team on notice. This includes your agency support if you have it (and if not, now’s a really, really good time to get some). It’s holiday season – chances are half your team will be away. Know in advance who their deputies or alternates are, and make sure everyone’s briefed on management and contingency plans before you break up for the holidays. If you’re in a business that closes down between Christmas and the New Year, or runs a skeleton staff, know who’s going to be available to help fix any problems that arise.

As always, if you have any questions about the tips outlined above, or if you need a hand with preparing your organisation to handle a crisis over the holiday season, please get in touch. And happy holidays!