Wikipanic—it’s the new word for the latest marketing threat. What will happen to your brand if Wikileaks attacks it? As Mastercard, Paypal, Visa, and Bank of America are finding out, marketers need to be ready in advance of disaster, whether a plane crash, an oil well explosion or a wikileak/hacktivist attack. Companies can’t risk a wikipanic. They need to be wikiready.
The New York Times is reporting that Bank of America was threatened by Julian Assange with a promise to bring them down and expose “the ecosystem of corruption.” The company is trying to get a jump on the crisis by finding out where they are exposed, how they are exposed, and what will be exposed. Their expensive counterespionage team is conducting a massive document review, investigating every lost, stolen, or missing computer, and crafting a security, operational, and brand reputation response. What should you do to be wikiready for a Wikileaks attack?
Don’t Be Evil
Google’s informal corporate motto may be derided, but it is one everyone should adopt. Even before Wikileaks, our “information wants to be free” world had become too transparent for companies, governments, executives and politicians to have a realistic expectation that their actions can stay hidden. The days when a president like FDR could keep his wheelchair secret or a senator like Chris Dodd could conceal his sweetheart Countryside mortgage deal are long gone. Task one for companies seeking protection from a Wikileaks-type assault is to avoid doing anything that would be embarrassing or damaging when made public (not if). Know that someone is always watching.
Fix The Problem First
If Wikileaks is going to reveal something damaging, fix it. Too many marketing and public relations people go into damage control mode, controlling damage to a brand reputation before fixing what is causing the damage. This kind of response is worse than counter-productive. BP doubled-down on the harm to its brand by trying to protect its reputation while the oil spewed. Focus on fixing the problem, not on minimizing the problem or on issuing defensive message. Honesty and transparency can be painful, but brands that respond this way do bounce back. Admit, apologize, atone–and don’t do it again. People won’t forget, but they will forgive.
The Bigger the Brand the Bigger the Target
Last week, I wrote on the expanding role of brands. No longer are they strictly commercial expressions. Brands are increasingly co-opted for larger economic, social and political debates. If you have a powerful brand, be ready for that power to get turned against you. Big brands are highly vulnerable to security breaches from:
- Lost laptops or laptops left in places where others could quickly download information to a portable hard drive while you are out getting coffee
- Data sent to outsiders by disgruntled employees—or customers
- Data in the hands of outsiders who may not protect it adequately (Bank of America’s data may have escaped from the documents given to the Securities and Exchange Commission, congressional investigators and the New York attorney general’s office, though those organizations naturally deny it)
- Old fashioned hacking–like the coordinated cyber-attack on 2500 companies in 196 countries that began back in 2008 and continued for years (finally revealed publicly in February 2010)
- DNS attacks that can bring down a Web site like Mastercard’s
- Co-opting of a brand to make a political statement (think McMansions or Disneyification)
If you have a valuable brand, digital vandalism, a wikileaks assault, or cyber-attack is a matter of when, not if. Have your communications infrastructure in place and operating. USAir and Continental didn’t seem to know how to use Facebook or Twitter before or immediately after their plane crashes. BP used one-way corporate-speak on Twitter and Facebook and were more than one step behind on YouTube.