Last week’s replacement of Lisa Agard as the CEO of Telecommunication Services of T&T (TSTT) was the most public example of the fallout following a series of cyberattacks on multiple companies in T&T recently.
However, public relations experts believe that the lack of a proper response to the public in the face of these attacks has compromised brands even more than most may think.
Carla Williams Johnson of Carli Communications believes the replacement of the CEO has exposed just how poorly many companies handle public relations.
“I think that the conversation needs to happen before the crisis. I feel like too often in T&T and by extension, the Caribbean, we will miss the quote-unquote, PR work when there’s a crisis, but PR happens long before the crisis,” said Johnson.
“It talks about reputation management, visibility, credibility, showing up in the media, letting the people know and trust you. Letting us see who the CEO. We need to understand that PR is the long game. It’s not ‘Oh, I’m having an event’. Let me just run in the papers or let me just run on TV, or I’m having a crisis. Let me just send a press release. No, it’s all about building that reputation,”
She believed that in the case of TSTT, their ineffective public relations strategy left them in crisis mode over a month since the cyberattack occurred.
“Yes, they are in crisis mode. I don’t even think they have moved to post-crisis. But I do think there’s a lot of things that could be done, could be said to make sure that the public understands that there’s some kind of plan in place to help regain their trust,’ said Johnson.
“People are now putting two and two together to realise but wait, this only hit the media at this point but this was going on long before,” she explained, noting that this made the public’s distrust of the company grow.
The series of attacks and the underwhelming response from various entities affected prompted Johnson to write a post on the Public Relations Association of T&T website entitled, How to protect a brand’s reputation after a cyberattack.
She explained, “A lot of companies handled it in the way that they knew how to handle it. But I do think a lot better could have been done. A lot more could have been done with quite a few companies in terms of communication with the public, when it did hit the public domain, communication with the media, and information that needs to be shared as a PR person myself, I do know that speaking about facts and the facts are very important.”
In the post, she noted that companies require a pre-crisis plan, but should the situation hit “CODE RED” or crisis, there should be a four-step rollout:
A – Act immediately,
B – Be visible,
C – Change strategy and
D – Don’t give up.
Johnson said simply following the old playbook of protecting the company image would not cut it in this situation.
“I do not recommend downplaying the severity of a crisis to make the company look good. You must be able to let the (public) know this is what has happened. I also don’t recommend always using press releases in terms of conveying information. I do think there are certain instances where a press conference would have been a better way to approach things,” she said.
Johnson explained that without these plans and proper engagement or action in the public, the company could suffer even greater losses in the future as customers and even potential employees may be less willing to engage companies due to their approach in such events.
“People may not necessarily want to work for the company. So maybe recruitment may suffer as well. They may have a hard time in filling positions within the company.
There’s a lot and it’s because it’s such a difficult thing to put your finger on. If it’s not dealt with properly. These faults could be over a long period of time,” Johnson said, as she suggested that local companies could take a page from Starbucks’ handling of racial bias in their United States stores in 2018 as an example of how to address a crisis in the public eye.
The concern over the approaches taken by local companies was also shared by another public relations practitioner Tenille Clarke.
Clarke, managing director and principal publicist, Chambers Media Solutions said she was similarly perturbed by the decisions made by Pricesmart and Courts following revelations of cyberattacks on their companies.
“In my capacity as a communications and public relations consultant, I do believe that a lot has been left to be desired and that there is a lot of rightful disappointment in the public domain. And you have to think about it from a consumer standpoint. Nobody wants to find out that their personal sensitive information has been leaked on the dark web, from data experts or other persons in the public domain,” said Clarke.
“And then on top of that, there’s nothing that you can do about getting the information offline. So at the bare minimum customers want to hear the truth of their circumstances, where the bond of trust originally existed, which is between the customer and the corporate entity, and that is when your corporate values should be taking the reins and standing front and centre in the midst of these kinds of circumstances.”
Clarke explained that while the challenges of these attacks are presenting new problems for these companies from a technological standpoint, the organisations also have to factor in the key relationship of business: cultivating trust with their client base.
“There’s the thing that you cannot physically touch which is the trust factor, the trust that a customer places in you as an organisation to keep their information safe, and we’ve seen progressive remedial action being taken with every discovery of a breach in the last few weeks. It is a form of reputation management. And I think all companies should be thinking about the following purpose-driven communications that are both effective and ethical. So the first thing is authenticity. Have you shared a position that admits where you’ve gone wrong, and where you intend to improve? Are you holding yourself accountable as an organization publicly?” she asked.
Clarke also questioned if these companies were even responding to some of the concerns being raised by the customers.
She said, “The second thing is engagement. Are you actively listening to what your audience has to say? That your message resonates with them, with the values that they hold true? What do you think is an important consideration for them? And are you providing them with the vehicle and the platforms to express those concerns? And then the final thing is impact; Has the behaviour of your audience changed as a result of you communicating with them? And have you retained their trust? And I think that those things are important, but critically quick and decisive action becomes the order of the day when it comes to clear communication. And that becomes the difference in turn between a common situation and a crisis that everyone wants to avoid.”