Crisis communication during cryptocurrency hacks
Avoiding a crisis altogether is the best way to deal with it, but when a crisis is bound to happen little can be done if there are no preparations for it. Breaches happen and they happen big. Especially with an arising awareness of cryptocurrencies and a growing use of them, breaches are a lucrative business which is indeed thriving. With a chance of them happening, however, small or big, crises need crisis communication plans as prequels. If nothing else can be saved, the company’s reputation is the only shot left, even though it is a long one.
What constitutes a crisis is a never ending definition with parts being added to it as industries change shapes and new segments are created. The somewhat comic part of all this story is that, however, long the definition becomes, it always fails to precisely describe particular crises thoroughly. For that matter, defining a crisis based on characteristics is a viable solution. As we are specifically dealing with cyber-attack related situations, there are two characteristics that separate this industry from others: crises are made public by other stakeholders than the company’s workforce, and cyber-attacks are so covert that they go unnoticed for a long time.
A closer look at these two elements which categorize cyber-attack crises as a separate category, produces results which hint at surprise and vagueness. Tackling surprise and vagueness is basically the purpose of a crisis communication plan. Therefore, the very first step in creating such a plan is a brainstorm session with the staff of the company discussing the worst case scenarios. Depending on how pessimistic (or realistic for that matter) the staff tends to be, the session can yield very interesting model scenarios. Part of the brainstorming should also include the assigning of probabilities to the scenarios and ranking the effect on different constituencies. In the hype of the event, giving particular attention to those most affected by the crisis is a positive step into retaining relations.
Attention to relevant aspects or subjects of a crisis does not by itself guarantee a safe pass. Other elements such as the persons communicating with the constituencies and the channels used are two crucial elements. For example, in the case of Bitfinex where multi-million dollars of cryptocurrency assets vanished, it was the company’s community director who was communicating throughout various online forums. However, other employees were also giving unfiltered statements about the scandal at its peak moments. Analysing this situation, a clear deduction can be made that there is a non-centralized effort of communication. The online forums used in this particular case are, however, a smart way of targeting the people who use their services.
As in most industries, this particular industry is no exception to the recommendations of using a centralised system through which the information goes out at such a critical point. That way, the information deducted from the company’s inner research efforts is first filtered through and then goes out to the constituents. This does not necessarily mean that only one person should be responsible for giving out the information but it rather stresses the need for uniform information.
Unfortunately, it all collects dust. If the plan is not subject to continuous updates and crisis drills are not put into practice, then there is little value to be drawn from all the effort put into making the initial plan. Specifically in an industry like cryptocurrency exchange where there is continuous developments, the plan becomes obsolete in the blink of an eye. Practice in this case can never really make perfect, but it gets temptingly close.