Thursday 19 August 2010

A CEO with a Problem

Dear CEO,

Last night you went to bed content in the knowledge that your company was in good shape and that you were making big bucks. But, things have a habit of moving quickly. It's now 5 AM. You somehow find yourself booked to go on the major TV networks between 7 and 8 AM. You have to explain how somebody broke into your corporate database and stole the details of around one million customers. The hackers used something called SQL (pronounced 'sequel' by the way) injection. This story broke while you were in dreamland.

What do you do? All around, people are losing their heads, but not you. That is why you are CEO and the others aren't. You are determined to grasp victory from the jaws of defeat. You see an opportunity. Whether you like it or not, you're going to get airtime across these networks. You have, as ex-British prime minister Margaret Thatcher once put it, the oxygen of free publicity. Make the most of it. There are only two hours to prepare. Don't forget that tomorrow this will be yesterday's news, and the opportunity will be history. 

First step is to get the lawyers on the phone. Make sure that you don't incriminate yourself or the company. Always run the plans by the legal people. Next, contact your IT department. Don't forget these are the idiots who caused the problem in the first place - and don't let them forget it either. They should ensure that there is enough capacity in place to handle the extra visitors who will go to your website as a result of this incident. Get your marketing department to come up with great deals and to publish them on the website as soon as possible. When curious people visit the website during the day, hopefully the offers they see there will encourage them to stay as new customers. A cynical move maybe, but all is fair in love and…...

Plan what you want to say during the interviews. Here are some ideas:
  • Be contrite but confident.
  • Apologise to your customers for any inconvenience.
  • Reassure them that the company will do everything possible to protect against any loss.
  • Announce that you will facilitate access to credit monitoring programs.
  • Emphasise the exceptional nature of this event by making the following kinds of statements: 'first indications are, this was an extremely sophisticated attack'
  • Stress that the company already has robust information security practices in place, but you will be revisiting them.
  • Say that you already have got external experts in to investigate the incident and that you will look to implement whatever recommendations these experts make.
  • State that you will vigorously pursue the perpetrator responsible for this incident.

And now comes the opportunity: As this is a breaking story, emphasise that you will be posting updates to the website on a regular basis. Customers should visit to get the latest information. Make sure to mention the company's URL as many times as possible. This is the chance to advertise your wares both to existing customers and to potential new customers. Obviously, you can't say this explicitly in the interviews. But the visitors who came to watch the car-crash will hopefully remain as customers - enticed by the promotions that your marketing department create this morning. You have two hours to set all this in motion. Remember to get approval for the plans from the lawyers. Finally, use the last half-hour to run through some mock interviews.

Best of luck!


OK, so things didn't work out. You are now the ex-CEO. But it did come with a useful golden handshake. You can now concentrate on the golfing handicap. 


Things worked out really well. After a brief hiccup, you increased your sales, and as a result of all the free publicity you received, you now have 10% more customers. Granted, you had to put aside some costs in the current accounting period, but they are manageable.  Ironically, you are now recognized as a world expert on crisis management!

The final item is to contact me, so I can tell you where to send the check!

Social: DiggIt! Reddit Stumble Google Bookmarks Technorati Slashdot

No comments:

Post a Comment