Offense sells tickets, but defense wins championships – at least, according to a now proverbial expression backed by the likes of ESPN. I must admit my knowledge of/interest in sports is about that of a grumpy cat’s, but I can still appreciate the value of this message and how it applies to other professions.
IT Specialist Greg Bell seemed to feel the same way in his recent piece for Harvard Business Review in which he posited that the best cybersecurity strategy focuses on a plan to mitigate damage, rather than pursue the “futile attempt” of trying to prevent anything bad from happening at all. I would argue that this sentiment extends from sports and cybersecurity all the way to public relations, and found the following points of Bell’s article particularly compelling:
- Ensure every person on the team knows their role
As Bell points out, cybersecurity strategy is too often relegated solely to the IT department, when the most sensible and secure approach is to educate every single employee on best cybersecurity practices. Similarly, PR professionals should not be the only ones involved when disaster strikes. Indeed, the PR team leads the defense effort, but the client must also bear critical knowledge and responsibilities. In times of crisis, appropriate executives from the client organization should be armed with things like spokesperson training and a key messaging framework to handle the response. Many times, a company executive will serve as the face of crisis response over an actual PR person.
- Align with your clients and maintain visibility
The author recounted the experience of a CSO who had invested a large amount of time and money in a complete overhaul of his company’s cybersecurity approach. What the CSO didn’t know at the time is that the company was planning on changing its data strategy, likely rendering his work useless in a few years.
As PR practitioners, this issue of visibility (or lack thereof) is something we can be all too familiar with. Naturally, there’s always going to be information that organizations keep on a need-to-know basis. But when a company faces reputational challenges, the PR team needs any and all relevant insight in order to devise the most successful crisis management plan. In these situations, PR people should respectfully ask their client to give them as much information as possible so as to achieve the best outcome.
- Prepare for the worst
That data breaches are unavoidable is at the crux of Bell’s argument. Likewise, PR people should plan as if a public company fiasco is inevitable. Of course, no professional wants a crisis for their company or client, but to dismiss the likelihood of one would be terribly foolish, especially in this internet era when companies are subject to more exposure and public scrutiny than ever.
As our media ecosystem becomes increasingly fast-paced and interconnected, many industry commentators are championing a proactive PR approach, making it easy for reactive PR to fall by the wayside. For the record, I agree that proactive methods are the most effective use of a PR team’s time and resources. But we must remember that this same connectedness is what makes company scandals more likely – a prime example being the expert damage control Skittles recently employed after their product was used in xenophobic political messaging on Twitter.
Proactive PR inspires customer loyalty, but successful reactive PR is what cements public respect. In other words, a strategy that balances both offense and defense will help your PR team rise up into a league of its own.
For more commentary on defensive PR strategies and crisis communications, please feel free to read our analysis of Samsung’s recent PR debacle or our suggestions for reputation management via Twitter. Thanks for reading.