Our take on the three most interesting crisis case studies from the past 12 months – what happened and why we can learn from them.
We are not featuring the COVID experience, purely because the pandemic is not yet over. While we hope we are towards the end of the wild ride, the coronavirus will continue into 2021 and thoughtful reflection only will be possible when we safely reach the next normal.
Since it is impossible to separate the public health crisis from anything that happened this year, COVID makes cameo appearances even in issues that originated from very different challenges.
THE TWITTER CYBERSECURITY BREACH
What happened?
In July 2020 Twitter reported that it faced a serious incident in which 130 accounts were compromised, many belonging to notable people, including Barack Obama, Joe Biden, Bill Gates, Elon Musk and Kim Kardashian West. At the time Twitter said in a statement:
“At this time, we believe attackers targeted certain Twitter employees through a social engineering scheme. What does this mean? In this context, social engineering is the intentional manipulation of people into performing certain actions and divulging confidential information.”
Since this blog looked at the details of the hack, the New York Department of Financial Services published a detailed and fascinating look at what happened and drew insights on managing the risks for all concerned.
That report points out that while the hackers only stole $118,000 of bitcoin, the 17-year-old and his accomplices exposed the vulnerability of a global social media platform with 330 million users.
Why is it important?
One report suggested that cybercrime rose 600% during the pandemic, with the biggest increase in sophisticated social engineering attacks, including bad actors posing as the CDC or WHO.
Consultants PWC surveyed more than 1,000 US workers to assess what they knew about cybersecurity for home working and to test whether training was hitting home with key lessons. Based on its research, PWC concluded that while most employees are aware of cyber theft and other dangers, most do not grasp the devastating consequences of a data breach and other attacks on their company – or themselves.
The New York report on the Twitter hack made specific recommendations on employee education and training, including:
- Explain in plain terms that employees will never be asked to provide their log-in credentials over the phone or via e-mail.
- Recommend controls and prudent practices that employees should implement when using your organization’s remote access services.
- Recommend technical and business controls that can be implemented to mitigate the risks from fraud schemes.
- Provide an easy-to-use and quick method for employees to report suspicious activity.
QANON & CONSPIRACY THEORIES
What happened?
QAnon is the highest profile of a number of conspiracy theories that seemed to gain currency and visibility fanned by both pandemic-induced fear and a vitriolic, partisan general election. Here is the Wikipedia primer on QAnon.
We noted in a blog in July that even congressional candidates were open supporters of QAnon.
The coronavirus also bred an astonishing array of conspiracy theories, several of which focus on the source of the virus and forthcoming availability and safety of vaccines.
Why is it important?
Anyone is susceptible to conspiracy theories. Experts agree that the psychological elements that give rise to conspiracy theories are powerlessness, anxiety and uncertainty, building a rising sense in people that they are losing control of their life.
Among the tips to neutralize conspiracy theories among your employees is to combat a sense of powerlessness by helping your team members understand what they can and cannot control. Also, you can help them embrace the complexity of contemporary life, so avoiding the lure of the simple, ‘single story’ explanation of life’s twists and turns.
Looking specifically at the coronavirus, overcoming conspiracy theories is literally a matter of life and death as we approach the rollout of the vaccines.
The UK started vaccinations on December 7th and as the rollout began a leading HR publication noted how important it is to share positive messages as the efficacy of the vaccines depends on a large number of the population receiving them.
However, as Personnel Today underlined, many people are hesitant to participate because of their belief in conspiracy theories:
“On social media, memes and conspiracy theories abound that the vaccines currently undergoing approval will: modify our DNA; that Microsoft founder Bill Gates will use them to implant trackable microchips into our systems; or that the vaccination program is part of a secret plan to control the population.”
VOLKSWAGEN’S FIVE YEARS OF CRISIS
What happened?
The latest attempts from Volkswagen to escape from the damage of its scandal, known as ‘Dieselgate’, based on the fraudulent emissions testing of its cars, was an announcement earlier this year that it is reforming its compliance structure and improving its whistleblower program.
We looked at Volkswagen’s continuing problems in a Blog here.
Why is it important?
Volkswagen is an example of what happens when you do not follow the basic tenets of best practice crisis management at the very outset of the threat.
Here is a look at how Volkswagen failed when faced with the revelations of what was happening inside the company.
How you respond during those first few hours and days of a crisis are crucial. If you fail and your reputation is lost, it is a long road back.
It is this best practice imperative in crisis management that RockDove has addressed with our In Case of Crisis solution since it was launched.
During 2020 we launched In Case of Crisis 365, an expanded and more powerful version of the platform with additional tools to help organizations facing a threat.
Learn how hundreds of organizations large and small are using our award-winning issue and crisis management platform, In Case of Crisis, to better prepare for and respond faster to emerging threats.
