What use are your crisis plans if they’re left to gather dust?
Firms do smart things to help them become resilient. They create business continuity plans, cyber playbooks, terror playbooks, they employ mass notification and document sharing technology and then they take all this good stuff and do something really dumb. They put it in a real or metaphorical box marked ‘Crisis Use Only’.
Meanwhile, everyone breathes a huge sigh of relief thinking their organisation is crisis ready. Not so fast.
Use it or lose it
TalkTalk’s 2015 data-breach has become a business case study, not least of all because it seemed to resemble a Netflix drama. Thousands of sets of confidential client data were seized by what at first appeared to be teenage hackers working out of their bedrooms in Northern Ireland. Then it emerged the firm’s CEO was a Baroness. Many were surprised we still had baronesses, but it seemed we did and she went on to conduct a car crash interview on the BBC when it became clear she had no idea whether the data stolen was encrypted or not. The Season One finale saw the firm slammed with a £400,000 fine.
All of which you may be familiar with, but what you may not know is that prior to the cyber-attack, as part of their crisis planning, TalkTalk had invested a considerable sum of money in crisis management software which was designed to help them through just such a scenario. And what had they done with this valuable tool? Yes, you guessed it: they’d put it in the dreaded crisis box.
Unfortunately, the staff who had brought the software to the company had left and no one had been trained to replace them. So there they were with a great crisis tool that no one had a clue how to use.
No one gets it right first time – so don’t let your first time be the one that counts
Time to dump the crisis box. Get your plans and playbooks out and test them during a crisis simulation. If you’ve invested in incident management software, then make sure it’s used during the simulations.
Perhaps there are elements of the technology that can be deployed on a daily basis to convey information to colleagues. This will allow those with admin credentials to become familiar with the product and understand its full potential.
During an emergency, messages sent on a platform that staff have never seen before will likely be met with consternation, if not downright hostility. A crisis is not the time to use this type of kit for the first time.
At YUDU Sentinel, we have awarding winning crisis management software that we want our clients to use: we don’t want to see it gathering cyber-dust on a computer. We now run crisis exercises using Sentinel to test your crisis team and to test how effective they are at using Sentinel. Think outside the crisis box.
Written by Jim Preen, Crisis Management Director at YUDU Sentinel.
Image by Gemma Smith, Junior Designer at YUDU Sentinel.
YUDU Sentinel is an app based crisis management platform in case of fire, terrorist and cyber attacks, or any other critical incidents. Crisis managers have immediate access to a suite of communication tools and can view and share key documents on mobiles. Sentinel is an award winning tool trusted by law firms, hotels, theatres and more. Find out more at www.yudu.com/sentinel or contact us on Twitter @YUDUSentinel.