Doing nothing is not a crisis management strategy that produces results
The Office of Personnel Management breach is attracting a lot of attention thanks to the staggering number of federal employees possibly affected – nearly 18 million the last time a total tall was announced – and the clear lack of crisis management preparedness from the agency.
Federal News Radio’s Jason Miller, who spent days knee-deep in coverage of the intense Capitol Hill hearings that saw OPM director Katherine Archuleta set out to be grilled again and again, shared some advice we found fitting.
Go on the offensive. Too often agencies are playing catch up in the news cycle and during hearings. The curl-up-in-a-ball syndrome was evident during the first two hearings—June 16 before the House Oversight and Government Reform Committee and June 23 before the Senate Appropriations Committee. And without a doubt, OPM’s defensive posture hurt them. Finally during the second House hearing, OPM officials were more proactive, releasing a cyber strategy and coming up with better responses to questions such as why Archuleta didn’t turn off systems that didn’t have an authority to operate. (I’ll have more on that later in the notebook.) Learn from OPM’s poor handling of this crisis. First, agencies need a crisis communication plan as soon as they know there are problems—cyber or otherwise. Agencies should control the narrative, or, at the very least, get a full and complete say in the discussions.
If you aren’t telling your story, someone’s going to tell it for you, and they’re under no obligation to give you a fair shake. One thing we’d add is that waiting until you know there are problems to create a crisis communication plan is a danger in itself. Create plans before you run into trouble and you’ll find crisis management suddenly gets a lot less stressful.
Erik & Jonathan Bernstein