How to Communicate in a Crisis

Edward A. Flynn, the former Massachusetts public safety secretary, spoke to CSO in 2005, shortly after he handled a media frenzy over reports that the FBI was seeking six foreign nationals in connection with a suspected plot to release a dirty bomb in Boston. The tip to authorities later turned out to be a hoax. But as in real-time crisis situations facing many security executives, Flynn didn’t know that at first. Flynn shared these crisis communication tips, which you can pass along to executive colleagues and managers at your organization.

Share accurate information. During a crisis, Flynn says, you first need to provide information to your colleagues and employees about what’s happening so that they can respond appropriately. This is a big deal even if it’s hard to do, with conflicting interests at play among government agencies, he adds. “Understandably, there’s stress between the federal concerns to protect an ongoing investigation and the state government who needs to convey information to the media.”

Answer questions. After an organization releases information about an incident, Flynn says, expect questions. It’s important to respond quickly and to shape answers that reflect the tone you are trying to achieve—in this case, a calming presence. He adds: “If I’m answering your questions, I’ve found, it gives me room in tone and content to convey a more accurate, simple statement than any crafted message could do. And there’s always the old adage that you answer the question you wish you were asked.”

Tell the truth. Flynn says that it’s important to establish your credibility before a crisis. Then, when an incident occurs, your boss and peers will know that they can come to you for accurate and reliable information. Also be aware of your superiors’ points of view. “Their concerns are not only security related. They have a constituency. There are other interests besides yours at stake.”

Be prepared. Flynn says you need a communication plan that “requires that we work out in advance how we will communicate that message—who will deliver it to certain constituencies. If we have an industry that’s part of the critical infrastructure, what is your standard procedure to handle information when it comes into your domain? Into the public domain? How do you [speak] to your employees? These discussions need to take place in advance.”

Get involved. As a government official, Flynn says he saw the importance of public- and private-sector information-sharing. “CSOs should get involved with local and state government,” Flynn says. “Get in touch with your state’s emergency management agency.”