CRISIS INSIDER January 2021

prnewsonline.com

Brand Promises Need Action to Earn Trust, CredibilityThe past year has brought unprecedent-ed difficulties for companies and organi-zations, some self-inflicted. Black Lives Matter, the COVID-19 pandemic and sociopolitical unrest inflamed an envi-ronment made ripe for companies and organization to rush in with statements about solidarity and the need for change.

Yet many of those statements rang hollow for consumers, creating blowback on brands whose words were viewed as ill-conceived or willfully ignorant at best.

in a 2018 study that nonprofit Do Something conducted, researchers found that 67 percent of respondents

Truth Decay: Former President Barack Obama mentioned this term during a “60 Minutes” interview (Nov. 15, 2020). He defined it as not telling the truth and the truth being unimportant. Indeed, a Brodeur Partners study (Nov. 2020) reports 50 percent of Americans say getting accurate information has become more difficult. As a result, they say engaging in civil discussions on issues is more difficult. Implica-tions for authenticity and clarity in crisis communication are obvious.

Massive Shakeout: Even before violence at the U.S. Capitol Jan. 6, brand commu-nicators were pointing to 2021 as a time when consumers will press companies on the social-racial promises they made in 2020. Lip service and empty press releases promising diversity, for example, will no longer cut it, insiders say.

Terms You Need to Know

January 2021

Special Media Relations Needs in a Cyber Crisis 2

How to Respond When Politics and Crisis Mix 3

Using Goals to Find Reputation Software 4

Internal Communication Eases Chapter 11 Woes 5

D.C. Police Respond Fast to Riot at Capitol 8

CRISIS INSIDERINSIDE THIS ISSUE

Insights, Strategies and Analyses for Brand Reputation Management

HOT ZONE

BUZZ BOx

CrISIS fOrECAST

Pepsi’s Counter-Crisis Effort Helped Meet 2020’s IssuesRisks went regular last year. Yet compa-nies that previously invested in estab-lishing strong stakeholder relationships navigated the difficult issues of 2020 faster and were able to advance farther in the face of such adversity.

Chances are companies that were able to successfully handle last year’s polit-ical, social, health and economic issues did so using some measure of what I call counter-crisis infrastructure. PepsiCo of-fers a good example.

Kenny Thompson, who heads the company’s external affairs across North America, recently shared a few insights about how the multinational food, snack and beverage entity’s proactive ap-proach better prepared it to handle the challenges of COVID-19, Black Lives Mat-ter and, particularly, the polarizing politi-

(Continued on page 2)

(Continued on page 4)

Pro-Trump supporters breached the Capitol in Washington, D.C., on January 6.

Crisis insider | January 20212 prnewsonline.com

CrISIS fOrECAST (Cont’d from p. 1)

cal climate of 2020.

ConSiSTenT ouTreaChFirst, he emphasizes the importance of ongoing engagement with partners. Instead of episodic or ephemeral out-reach, companies ought to cultivate robust channels of communication and collaboration with stakeholders.

This often requires going below the big project. Long before COVID-19 struck, Thompson notes, PepsiCo “had great national partnerships with organi-zations.”

But, the reason Pepsi was able to build these partnerships was due to the company’s local reach, he says. These bonds are not due to distant corporate deals, they are personal relationships. As a result, Pepsi had knowledge of local issues and had gain community trust. These enabled Pepsi to tap its sources to get better information about what they needed, act more quickly and have a larger impact when issues arose last year.

inTernal CaPaCiTyStrong internal capacity was another pillar of Pepsi’s crisis response. Too of-ten, corporate offices lack experience collaborating with various stakeholders on external projects.

Prior to the pandemic, a wide range of Pepsi executives were consistently communicating with their corporate colleagues, the company’s foundation, truck fleets and community leaders. There was trust across the organization

in not just what pepsi wanted to do in response to the pandemic and the eco-nomic and social upheaval of 2020, but also in the potential its partners pos-sessed.

Pepsi’s relationship with the urban league is illustrative of this close co-ordination. Executives didn’t just show up for occasional black-tie galas. In-stead, Pepsi built a relationship of trust through working side by side to design and develop projects.

As Thompson says, “We were at the table already,” which allowed Pepsi to move more rapidly when the pandemic struck, for example, to launch initiatives like the Black restaurant accelerator in response to the struggles of small businesses.

Counter-crisis infrastructure is not developed overnight and it cannot sit idle in a plan. What Pepsi has demon-strated is that the power of proactive partnerships can help to not only build trust externally, but internally as well.

A strong counter-crisis infrastructure enables companies to get valuable early warnings and co-create more effective engagements.

These reservoirs of trust and goodwill ultimately helped Pepsi to emerge from the considerable challenges of 2020 in a stronger, more strategically optimal position. CI

-Brett BruenBrett Bruen teaches crisis at Georgetown

University and served as President Obama’s director of global engagement. He is presi-

dent of the Global Situation Room.

Vol. 2 no. 1

For subscribers only: full access to Crisis Insider archives at

www.prnewsonline.com

Published monthly by Access Intelligence, LLC 9211 Corporate Blvd, 4th Floor

Rockville, MD 20850 ©2021 Access Intelligence LLC.

Federal copyright law prohibits unauthorized reproduction by any means and imposes fines of

up to $150,000 for violations.

Client Services: Phone: 888.707.5814 •

Fax: 301.309.3847 e-mail: [email protected]

New York Editorial Office: 40 Wall Street, 50th floor

New York, NY 10005 Phone: 212.621.4890 • Fax: 212.621.4879

Group Subscriptions — [email protected]

Additional Copies & Article Reprints — Contact Wright’s Media, 877-652-5295; [email protected]

CRISIS INSIDER

Editorial Director, Erika Bradbury, [email protected]

Editor, Seth Arenstein, [email protected]

Senior Content Manager, Sophie Maerowitz, [email protected]

Senior Editor, Nicole Schuman, [email protected]

Director, Marketing Production, Tracey Lilly

SVP, Marketing Group, Dan Hanover

Divisional President, Kerry Smith

Chief Operating Officer, Heather Farley

President & CEO, Don Pazour

editor’s note: Lost in the hubbub of politics and holidays was the hack of Solar-Winds, reported Dec. 8. Eventually more news emerged, including the instigator (likely Russia) and two targets: Microsoft clients and the U.S. government. Cy-ber crisis experts Kaylin Trychon, VP, rokk Solutions, and Kristin Miller, director, Ping identity, offer us tips and takeaways.

Why You Need to Know Two Sets of reporters Before a Cyber Event Strikes

Crisis insider: Given the variety of reg-ulations, is there a standard timeframe within which you recommend compa-nies tell the public that they’ve experi-enced a cyber incident?

Kaylin Trychon: You bring up a good point. There isn’t a one-size-fits-all an-swer to communicate when you discov-er a breach, due to the different regu-lations around government agencies,

CrISIS DIAlOgUE

Crisis insider | january 2021 3prnewsonline.com

WATErCOOlEr

How Organizations Should respond, Internally and Externally, to Divisive Situations Outside Their Control

In the wake of the recent riots on Cap-itol Hill [see p. 8], we spoke to Dee Donavanik, VP at Washington, D.C.-based Scott Circle Communications, about how organizations should com-municate after backing someone who has incited riots, spewed disinforma-tion or committed other misdeeds.

While this question is raised in re-sponse to the events of January 6, 2021, the answer also applies to instances beyond recent events in Dc.

Question: how do you handle criticism of your brand or executives for being complicit in backing someone found to have committed egregious transgressions?

Dee Donavanik: It all comes down to authenticity. If your organization preaches a certain thing…you have to back up your values with action. Especially now, since all cus-tomers and stakeholders care about authenticity; you have to walk the walk, and be prepared to take meaning-ful action to show you are doing more than just paying lip service.

Most companies are warranted in taking some sort of action. They have a code of conduct, and if employees are doing something in public, companies have a right to say something. [Capitol Hill rioters] are losing their jobs and [companies] have done a good job saying they support the right to everyone having political views but this is be-yond that. [Jan. 6] was a violent, dangerous action with which [some companies and employees] were aligned.

Companies are coming out because they feel they can’t not comment on it, but you need to know what makes sense for your brand.

When everyone was putting out a statement on Black Lives Matter…if your brand hadn’t done anything on that issue and you weren’t doing anything to address it, then putting out a statement for the sake of it was pointless. If you’re a brand like Ben & Jerry’s, then it makes sense.

inTernal CoMMuniCaTion MaTTerSMake sure you are reiterating your perspective in all [in-ternal] communication materials. Make clear what expec-tations [you have for] employee conduct.

Things will always surface on social media. You can vet [employees] as much as you want ahead of time, but things will always come to the surface after the fact.

So prepare a response plan as needed, do that vetting as much as possible ahead of time and reiterate it all to the public, your stakeholders and employees.

Your employees are looking for acknowledgment. We work in D.C. and even if you aren’t working in politics, the proximity alone is impacting everyone. Having your lead-ership acknowledge it makes sense.

PreParing for anoTher inSTanCe[A divisive situation is] going to pop up again and again. People have to prepare a game plan or have their team ready to prep as needed. It’s going to be a case-by-case basis what your exact response is, but just know that you can’t ignore it. Even if you don’t push out a public re-sponse, you have to discuss it [internally].

Crisis on-call teams, depending how the organization is structured, should include leadership, the communica-tion team and the person running social. Even if that’s a junior staff member, he/she is the front line if someone starts commenting, so it’s crucial to make sure that per-son is aware of how to spot red flags.

Dee DonavanikVice PresidentScott Circle

Communications

(Continued on page 6)

Kaylin TrychonVP

roKK Solutions

state versus federal, public versus pri-vate, etc.

What you don’t want to happen is for a reporter to come to you and say, ‘I’ve found out you’ve had a breach. And if you don’t talk to me now, I’m going to run my story, and you’re not going to be part of it.’

It’s fair for an organization to try to wrap its arms around what it can know when...an intrusion has happened. You don’t need to communicate externally at that point.

Crisis insider: what do you do?

Trychon: Alert your communication team because this is going to be some-thing they’ll eventually need to disclose.

And you want to loop them in as soon [as a breach is discovered. Communicators] need to be talking with secu-rity teams.

Also, when you dis-close, the question you hear is, ‘Well, what was taken?’ And sometimes you don’t know right off the bat. You don’t know how far [cyber criminals] have gone. You don’t know if they’ve taken [any data].

So, you really want to understand what you can say and be very clear about that message. Anticipate what [media] is going to ask, and then be very transparent, or as transparent as you can be. Legal always needs to be in the

loop early, along with communications.

Kristin Miller: Kaylin is spot on. It’s back to basics. It’s the power of that holding statement: ‘We’re investigating and we’ll get back to you.’

There’s a time limit…those holding statements only work for a certain peri-od of time. So, it’s important to update them as you know more. Nobody is ex-pecting you to know all the answers, es-pecially in a cyber breach. It takes time. There are a lot of unanswered ques-tions. You see that with SolarWinds. News keeps coming and coming and coming.

What’s important in that holding statement is that you give accurate de-

CI

Crisis insider | January 20214 prnewsonline.com

Desired goals Should Inform Your Choice of reputation Management SoftwarePR pros are not strangers to managing reputation. Thankfully, long gone are the days of combing through newspa-pers for clips. Reputation management software provides platforms and tools to monitor all aspects of client men-tions, products and services.

The CoMPonenTSMost reputation management software provides a detailed search through key-words. Some track social influencers. Others crawl through online reviews or evaluate user experience on sites. Some software tools do all this.

Similar to most PR initiatives, the first things to ponder when consider-ing a relationship management tool are what goals you’ve established and what needs monitoring as a result.

Do you want a tool that will help you survey information that could help pre-vent potential crises, or provide assis-tance when a crisis has struck? Are you interested in gathering opinions about what an audience thinks about your brand generally, or specifics such as your products or customer service? Do

you need help with strategy?

The BenefiTSFor some communicators, a tool that handles several tasks is the best route. Others want a tool that provides infor-mation on just one or two areas.

Daria Samokish, PR specialist at SEO company ahrefs, uses Brand 24 to monitor the start-up company’s online reputation.

“SEO experts regularly publish over-views of our product in their blogs. I need to be always on track with the company’s brand reputation” at a given moment, she said.

“In PR, every good mention can be-come a start of ongoing working rela-tions,” she said.

“Every missed opportunity of a mean-ingful conversation delays the compa-ny’s media coverage and your profes-sional success. Sometimes [finding] established connections can bring un-expected media coverage.”

SPeeD, rePuTaTion anD CriSeSAdam Hildreth, founder and CEO of

Crisp, which provides early-warning risk intelligence, says tools that can offer speed to communicators are key. “The risks to an organization’s brands, peo-ple and assets are now uniquely teth-ered to its reputation,” he said. “This is the result of digital chatter not only ac-celerating risks at lightning speed, but also being hard to detect early enough.”

free ToolS All is not lost should you lack resources. There are free tools, including google alerts. It’s not the most robust tool, and you’ll likely receive alerts after a crisis begins.

Another good free tool is The Brand grader. Using Mention, a media moni-toring app, it gives users a glimpse into how their brand is performing online.

We test drove it, using the word “PRNEWS.” Its report provided a list of influencers and other sources that men-tioned PRNEWS the previous 30 days.

In addition, it offered sentiment and mentions detection, locations of the mentions and a follower count on sev-eral social platforms.

CrISIS TOOlBOx

had stopped buying, or would consider doing so, from companies whose values did not align with their own.

Conversely, the study showed that 76 percent said they purchased or would consider buying from companies that shared their values on issues they con-sidered important.

Latia Curry’s recent harvard Busi-ness review article skillfully breaks down the challenge.

Curry cites examples of companies that have gotten it right—think Ben & Jerry’s, gap, Netflix—and those that missed the mark but keep trying (to their credit), including Sephora, Spotify and Starbucks.

Companies, Curry said, that fall into the “willfully ignorant” category include brands like amazon, facebook, l’oréal and Popeye’s.

Some companies are asking why they should wade into perilous waters in the first place. It’s simple–there is no choice. Today’s consumers, particularly Millen-

nials and Gen Z’ers, expect companies to take public positions on social and political issues.

As 2020 taught us, companies that issue public statements without first making the structural investments needed to live their values are setting themselves up for reputation blow-back. Change cannot happen overnight, and it must start with a thorough, and possibly painful, look at internal oper-ations, policies, and practices to deter-mine whether corporate actions live up to the words in the mission and values statements. Companies without a stat-ed mission and values must start there.

Figure out what you stand for and build structures and practices to sup-port those values. Only when the mis-sion and values are lived inside the company should leaders begin to take public stands on issues of interest to stakeholders.

It takes time to build a track record that will enhance credibility and build

reputation. Consumers will see one-off ad campaigns or public statements hastily issued as disingenuous efforts. Throwing money at a cause without demonstrating its values within your company will backfire.

To use a cliché, companies must ‘walk the talk.’ To do that, make sure that your house is in order before taking public action. If it is not, a little humility goes a long way. Acknowledge missteps and communicate honestly about your plan for change. Invest in structural change. Cease practices that don’t support the mission and values. Finally, donate to organizations that are doing the hard work of leading societal change. Engage early and often with stakeholders in meaningful ways. Actions like these can cement brand loyalty and help a compa-ny grow and thrive.

–Deb HilemanDeb Hileman, SCMP, is president and CEO, Institute for Crisis Management

HOT ZONE (Cont’d from p. 1)

CI

CI

Crisis insider | january 2021 5prnewsonline.com

PrOfIlE

Increase the Volume of Internal Communication During Pandemic to Help Chapter 11 filings run More Smoothly

A Texas-based oil and gas company needed to restruc-ture. Uniquie to the situation was that the company en-tered Chapter 11 having a full support agreement, mean-ing lenders already approved a plan for it to emerge after reorganization.

Sounds straightforward, right? Not so fast.Since the filing happened during the pandemic, the

communicators it hired weren’t on site. “Usually, we sit with the client for a week and train the trainer,” says Jen-nifer Mercer, a partner at Paladin Management group who runs its strategic communication unit.

ProaCTiVe engageMenTIn pre-COVID-19 times, Mercer’s team typically visited companies that hired it and offered communication ad-vice.

“Town halls and those face-to-face [meetings] are the biggest things that, prior to COVID-19, we would employ a lot. Seeing someone talk to you is dif-ferent than reading” what will happen in a chapter 11 scenario, she says.

To combat the lack of in-person con-tact, Mercer’s team prepared a package of content. This included letters, FAQs and hotlines for vendors, employees and thousands of royalty holders, who

own pieces of property where the company drills.“What makes [royalty holders] unique is that companies

don’t engage with them on a regular basis,” says Mercer. “It was important [that royalty holders] knew out of the gate what happened and why…it brought down the ener-gy and [they] understood it wouldn’t impact their mone-tary relationship.”

inTernal iS KeyOne of the biggest issues during Chapter 11 is ensuring employees are productive during the process, says Mer-cer. “If you don’t communicate, you have low morale and people don’t perform because they are confused and scared” that they may lose their jobs and benefits.

Mercer advises companies to push communication down through the “next in command,” who then reach out to their reports, and so on. This allows employees, within hours, to receive appropriate information.

After leadership receives an explanation of the Chapter 11 process, it receives a playbook that includes a letter, FAQs, talking points, fact sheets and often a visual ex-plaining the filing process.

Employees are one of groups that brings a company’s message to the outside world. “So, the better they under-stand [the Chapter 11 process], the more transparent a company is, the higher the likelihood that employees car-

ry the message correctly,” says Mercer. It’s imperative, she says, to describe to staff that Chapter 11 allows a com-pany to restructure its debt to secure its future, which is good for all constituents.

a SeaT aT The TaBleThe number one thing that an organization going through Chapter 11 needs to remember is to keep the PR team in the loop, alongside the C-suite, finance departments, attorneys and HR. Unfortunately, PR often is left out of the initial conversation.

“If they don’t have the context, it will be hard to [man-age] the narrative” once it hits the media, says Mercer.

Jennifer MercerPartnerPaladin

Management Company

CI

MANAgINg THE NArrATIVEAsked about a recent pitfall, Mercer pointed to a com-pany preparing to file for Chapter 11. The company be-lieved its Chapter 11 news would fly under the radar and failed to issue a press release.

Despite reiterating the importance of communicat-ing the news, Mercer’s view was not accepted. Worse, the company worked in one of three jurisdictions that has bankruptcy beat reporters (the Southern District of Texas, Houston division; the Southern District of New York; United States Bankruptcy Court for the District of Delaware).

So it was not a surprise that not only was the filing covered in the media. In addition, much of the informa-tion in the coverage was inaccurate.

“Things fell apart because [communicators] no lon-ger had” input, mercer says.

TIMINg IS EVErYTHINgFor Mercer, timing drives the schedule for distributing a Chapter 11 press release.

She favors the lead-steer approach–particularly in one of the three districts mentioned above. In these cases, she will give a reporter an embargoed exclusive timed for when the Chapter 11 petition is filed. It’s only after the story runs that she sends a press release to other media outlets.

“That first story is the stake in the ground that others will pick up, often citing” it, she says. “It gives third-par-ty credibility.”

For example, a Wall Street Journal report that a company intends to exit Chapter 11 in 45-60 days has more standing in the public’s view than a company report.

“It’s effective in [all] crisis situations, not just Chapter 11. It allows you to [better manage] the narrative,” she adds. CI

Crisis insider | January 20216 prnewsonline.com

What you don’t want to happen is for a reporter to come to you and say, ‘I’ve found out you’ve had

a breach. And if you don’t talk to me now, I’m going to run my story, and you’re not going to be

part of it.’

tails. False and misleading statements can mean immense damage to a brand’s reputation.

A good example of this is uber’s data breach coverup in 2016, which resulted in a $148 million fine.Crisis insider: For most communicators dealing with cybersecurity, there’s an-other group of reporters to get to know.

Trychon: That’s right. It’s so important. There two types of reporters covering your breach. First, there are reporters who cover [your industry]. Then, there are reporters who have the cyberse-curity rolodex. They cover these inci-dents; they know the technology. They know the space, and they know who to call to ask, ‘Are they telling me what they should be telling me? Help me read through the lines on this holding state-ment.’

I’m not saying you have to hit up all 50 to 100 of them. But get to know the one or two at the top tier who are probably going to break the story and just make sure you say, ‘Hey, I want to connect you with my security team…Should you need [sources], we can provide it.’ You have to be aware [of these reporters] because that’s who’s going to burn you.

Crisis insider: OK, but what if you have a CEO who doesn’t want to do this? He or she doesn’t want to have the security team introduced to a reporter.

Miller: I’ve not run across a ceo who thinks this way, who doesn’t take cyberse-curity seriously. If they don’t [take it serious-ly], they’re certainly not doing the best they can in this new landscape.

PR is a relationship business. Kaylin’s right; you have to have relationships with reporters, in your vertical and out-side your vertical.

But it’s not just about those external relationships. It’s also about relation-ships with your security team. In times

of crisis, you’re going to be working with them closely. [A crisis] can’t be the first time you’re making an introduction. Build those relationships. Schedule one on ones. Get to know them. Happy hours. Everyone needs to eat lunch.

Crisis insider: The CEO says, ‘So, you want the security team to meet with a reporter. Does that mean we’re going to have a breach soon?’ How does the communicator respond?

Trychon: You say, ‘Knock on wood, we’re not going to have a cyber event anytime soon.’ But then you explain that in reali-ty we could be having a cyber even right now. You don’t know.’

SolarWinds is the perfect example. 18,000 companies are impacted. And that’s what they’re calling ‘a small per-centage of our customers.’ It’s probably the crème de la crème of SolarWinds’ customer base.

You say, ‘so, we’re doing this so we can get through it in a way that keeps our brand reputation intact and lets us drive the narrative. Lets us be a voice in our story and not let somebody else dic-tate it. It’s smart.’

Crisis insider: SolarWinds: what were the lessons?

Miller: The biggest one might be how we define the word ‘crisis.’ This af-fected hundreds or thousands of the world’s largest companies and govern-ment agencies. It makes any other data breach look small in comparison.

That might be a good thing for some crisis communication professionals, whose smaller data breaches might not make front-page news. It’s completely reset our expectations and definitions of what a crisis is.

In addition, SolarWinds has taught us there’s an increased chance of crisis happening to you as you open up [your network] to 3rd parties….

So, if you are a communication pro-fessional, you need to have a crisis play-book. And if you don’t have one, start one now. Today.

And if it’s something you inherit-ed from 5 years ago and you haven’t looked at it, look at it. Now. Know it like the back of your hand.

Trychon: Verbiage matters. There was a ton of fallout about using ‘attack’ versus ‘intrusion,’ or the phrase ‘this is an act of cyber war.’

We learned a big lesson. There are a lot of ways we talk about cybersecurity incidents. Everyone uses terms differ-ently. And that has huge ramifications for what it actually means to ‘commit an act of cyber war.’

We learned the hard way during So-larWinds when so many people were throwing around different descriptors. So, one of the lessons was that the words we are using are very important when we are talking about these types of crises.

Crisis insider: Based on what you just said, what should communicators do?

Trychon: Be really descriptive. Say, ‘This is a cyber intrusion.’ Or, ‘This is a cyber attack.’ Always defer to the security peo-ple on your team [about terminology.] And make sure you’re listening to them. They’ll know how to categorize it and know how to avoid embellishing what’s happened. And if you’re bringing in peo-ple from the outside, they’ll know the proper language and terminology. Legal will also.

Miller: I agree. Words matter. There’s a difference in using the words ‘bad actor,’ which implies that someone has done something bad, vs employing the phrase ‘cyber criminal,’ which usually implies that the act was illegal and de-serves criminal punishment.

Crisis insider: Another lesson?

Trychon: Have a plan and practice it. Your security team will be holding ta-ble-top exercises in 2021, get a commu-nication component, internal and exter-nal, in it. Internal is something we don’t always talk about [when discussing cri-

CrISIS DIAlOgUE (Cont’d from p. 3)

Kristin MillerDirector, Corporate Communications

Ping identity

Crisis insider | january 2021 7prnewsonline.com

sis], but employees can talk too and you never know whom they’re talking to or tweeting.

From SolarWinds, one of the lessons is that information security also includes misinformation and disinformation. We do not know what information can be spewed and spun because of how much we don’t know about the attack. There could be companies that weren’t in-volved and someone tweets that a com-pany’s data was stolen. Now, you have to respond, even if it’s not true.

So, I think, you need to consider mis-information and disinformation as a breach, not of your network but of your reputation. Brands are really going to have to deal with that. It could happen to any company. Look at Wayfair.

Crisis insider: We’ve seen crisis state-ments from companies that, to put it kindly, are difficult to decipher. Are they trying to obfuscate?

Miller: No. I don’t think anyone’s trying to purposely confuse [the public]. It’s a burden to be completely accurate. The amount of input and teams that go into these statements...it’s not just the com-municator; it’s the security team, legal, executives. Every word in every state-ment has been pored over by dozens of people.

Trychon: Some people are uncomfort-able with things tech or tech-related. security is not an easy concept to un-derstand. How a breach happens. How these actors are using the internet. These [incidents]... are not easy to pic-ture and explain with words.

So, I think that uncomfortable-ness sometimes comes out in the statement. And sometimes you have leadership who doesn’t know the inner workings, and they’re uncomfortable because they don’t. So, when statements are brought to them [for approval], they’ll say, ‘This sounds fine.’

Crisis insider: What’s the work-around?

Trychon: Start at the beginning. Make sure communicators and response teams know each other, as Kristin said. [Communicators] shouldn’t be meeting [crisis and security teams] for the first time [during a crisis]. They should have a playbook and have practiced.

Security teams do table-top exercis-es all the time. You need to weave in a communication component. And invite a journalist or two. [Journalists] want to see operations succeed in this, because it’s important to their beat; it’s informa-tion-sharing. And they want to share in-formation that other companies pick up and learn from. To be successful here [companies and communicators] need to share information.

So, those are the important pieces here: relationships and that you’re be-ing as clear and concise as you can be and as transparent as you can be and try not to let the technology make you scared of saying, ‘This is just the black-and-white version of what happened. Here’s what you need to know. We don’t want to over-adverb or -adjective what’s happening here.’

Miller: It doesn’t really matter how well you know the playbook. But, does the rest of your team know it? Crisis is not a one-person event. You need a strong team that’s going to monitor and report and meet with various teams. And they have to know that playbook as well as you do. So, it’s important to have that broad table-top exercise.

Trychon: Crisis loves to happen when you’re on vacation. It’s good to have a playbook so somebody can take the reins.

Miller: Even a quick-start playbook, I’ve found, is really important. If your top cri-sis person is away, someone else can go into a meeting and know the five to10 questions you need to have answered immediately to have the initial data and run with it. That can live in tandem with your crisis communication playbook. Or it can live adjacent to it. It really helps streamline the issue. Crisis insider: Let’s talk about commu-nicating third-party crises. we saw that, for example, in SolarWinds.

Miller: All PR people have crisis plans, but not many have those detailed mes-sages for third-party supply chain at-tacks. I hate to use the word ‘fault’ but how do you message when your com-pany didn’t do anything wrong, but a third-party supplier is at fault? It’s a chal-lenge and a bit different how you take that ownership. As communicators, we

need to take ownership of issues, but nuancing co-ownership is tricky. At the end of the day, customers don’t really care who’s at fault. They care how you handle and fix it.

Trychon: Right. The bottom line, espe-cially if you’re dealing with consumer data, is they don’t care how [a breach] happened. They want to know, ‘What did they take? What do I need to change, and how’s this going to impact me?’

With a third-party breach, communi-cating depends on what sector you are in, who are your customers and what they want to know. It’s hard [to commu-nicate] when it’s not your fault.

And the [third party] is communi-cating and doesn’t always have all the pieces. So, then you have to be careful about what you say and when. Because you could say something and then later, when the third-party company issues a statement, it could be more compre-hensive than yours.

Crisis insider: We assume you both feel coordination with the third-party com-pany is crucial?

Miller: oh, yes.

Trychon: Absolutely. As legal and se-curity teams are having conversations, communication people need to be moved in and talking to each other too.

Crisis insider: Say I’m a one-person communication shop at a small com-pany. I’m told we’ve had a breach. What should I do?

Miller: I don’t know that the fundamen-tals differ from a small company to a large enterprise. The same principles apply. But most communicators at small companies are used to wearing multiple hats. Those skills really translate well when managing a crisis.

Trychon: If you’re a small business, you’re likely bringing in an incident re-sponse firm to investigate and find out what happened and sometimes they have a communications arm. Or they work with an agency that’s really good at [communicating cyber incidents]. But you have to know to ask for that service. It’s usually not more expensive. Some-times small companies don’t know to ask for it. CI

Crisis insider | January 20218 prnewsonline.com

D.C. Police Communicator: Personnel flexibility Was Key During Capitol riot Dustin Sternbeck hasn’t slept much since Jan. 6. He’s not planning on sleep-ing much until after the Jan. 20 inaugu-ration. Sternbeck is director, office of communications, for the Metropolitan Police Department.

The Metropolitan Police is Washing-ton’s police department. Sternbeck and about one dozen communicators were in the middle of the capital city’s response to violence at the U.S. Capitol.

While Sternbeck’s job is demanding, it doesn’t compare to D.C. police and Cap-itol hill Police officers faced Jan. 6 when a mob estimated at 15,000 stormed the Capitol.

DefiniTionS firSTBefore we get too deep, it’s important, Sternbeck says, to make something clear. The Washington area is an alpha-bet soup of law enforcement groups. He estimates 70 different police units in the area, including squads for the State Department, the u.S. Mint and Met-ro, the area’s transit and subway. Its officers are Metro Police as opposed to Metropolitan Police. Confused?

D.C. police, he notes, are not respon-sible for patrolling the Capitol grounds. That’s the domain of the Capitol Hill Po-lice, a 2,100-person unit that reports to House and Senate leaders. D.C. police officers enter the Capitol area only after Capitol Hill Police request them.

The first of many breaches at the Cap-itol occurred Jan. 6 at around 12:50pm. D.C. police were called around 1pm for assistance. Sternbeck notes D.C. police had several Civil Disturbance Units post-ed near the Capitol and White House “given the day’s events.”

At 1:50pm, D.C. police on-scene com-mander Robert Glover declared the situ-ation a riot. Some 60 police officers–D.C. and Capitol Hill–were injured. One Capi-tol Hill Police officer died.

By now you’ve likely seen footage of the police officer with his neck and up-per torso squeezed between a door and a metal doorframe inside the Capitol.

He’s crying in pain. That was one of Ster-nbeck’s: D.C. police officer Daniel Hodg-es, 32. While that was going on a rioter ripped off Hodges’s gas mask and beat him with his own baton, while another tried to gouge his eye.

ConSiDering DeaTh“I thought, you know, this might be it,” Hodges told aBC news. “I might die....” It was just one of three times Hodges felt he might die that day. The other times were when he was outside the Capitol, surrounded by pro-Trump sup-porters and beaten. Falling back to the Capitol, with the crowd chasing him and

colleagues, was the other time. Also seen in viral footage is an officer

on the ground, outside the Capitol. The crowd surrounds that officer, Michael Fanone, 40. Someone has removed Fa-none’s club and is beating him with it. Fanone’s crying for mercy. Someone in the crowd shouts, ‘We got one. We got one. Shoot him with his own gun.’ “Please don’t shoot me. I have four kids,” Fanone responded. It worked. Some of the mob backed off.

In the end, both officers survived, though Fanone, was tased six times, and suffered a mild heart attack.

A major issue in crisis communica-tion is when and if to call a press con-ference. Senior leaders of the District of Columbia, including the mayor and Ster-nbeck’s boss, the chief of police, moved quickly to be transparent. They called a press conference for 4:30pm. It was the media’s first briefing. The Capitol wasn’t secured until around 8pm.

So, the situation was fluid when the presser began. “Absolutely,” Sternbeck says.

Still, it was the right call. As in many cri-ses, time was critical. The mayor needed to inform the public of a 6pm curfew. In addition, Sternbeck says, one goal was to get Congress back to work–certifying the presidential election–by 8pm.

A 5-year veteran of the department,

Sternbeck has worked crises and large, high-profile events.

“To say [he and other police commu-nicators were] prepared for an insurrec-tion and possible overthrow of our gov-ernment would be premature,” he says.

In addition, he notes correctly, “every crisis is unique.” Still, experience with large events helped his team. Their im-mediate goal was to identify “informa-tion conduits and direct reporters” to schedules and updates.

“You have to recognize [reporters’] frustration, they always want informa-tion, and provide a sense of direction to them. It alleviates some of the press-sure.” Sternbeck worked to give media a timeline for when they’d get informa-tion and what they’d get.

leSSonS learneDWhat did Sternbeck learn that day that would help Crisis Insider readers? The importance of personnel flexibility. Half his team was quarantined and was un-available. Remaining team members handled roles they don’t normally do. “Their willingness to be flexible proved invaluable,” he says.

This was so during the press con-ference, when flexibility meant some personnel answered phone calls from reporters, others wrote talking points, still others relayed what little informa-tion there was to leaders from the field in real-time.

The second lesson: Identifying positive moments during the response is neces-sary and is part of the recovery phase. “As horrific as the moment was…I can remember watching the crowd storm the grounds,” approaching “our officers,” who were in a tunnel near the Capitol.

In a command center, Sternbeck watched as officers “were getting hit with bear spray, being beaten with flag poles, kicked and punched.” Still, as he watched the images, he was looking ahead. He thought, “The ability to tell the story from the officers’ perspective is going to be so powerful it will help us in the recovery phase.”

Indeed, last week Sternbeck sent 6 officers, including Hodges and Fanone, to meet with local, national and interna-tional media. “Getting out their stories was critical to the recovery,” he says.

CrISIS rESPONSE

CI

The first breach was at 12:50. D.C. Police were called around 1. A riot was declared at 1:50pm. D.C. held a presser at 4:30pm, though the Capitol was still under siege.