IR professionals learn to expect the unexpected and have crisis communications plans for everything from a product recall to a missed quarter.
But the recent rise of massive document dumping on WikiLeaks.org has created a new potential threat to consider: mountains of internal documents finding their way into the public domain without warning.
In a recent interview with Forbes columnist Andy Greenberg, WikiLeaks founder Julian Assange warned that his next mega-leaks will focus not on leaked government memos but on corporate secrets.
Unconfirmed rumours continue to fly that Bank of America will be the first target early in 2011. The Forbes article, titled WikiLeaks’ Julian Assange wants to spill your corporate secrets, should be required reading for every communications professional.
Even if legal troubles hamstring the site, the publicity surrounding WikiLeaks has inspired copycat sites around the world, forever changing the landscape for information security. The phenomenon ‘adds up to a reputational risk companies didn’t have to think about a year ago,’ according to James Lewis, a cyber security expert at the centre for Strategic & International Studies, who was interviewed for the Forbes piece.
Published just prior to Assange’s most recent release of US Department of State cables, and his subsequent arrest on a sexual assault warrant from Sweden, the Forbes article describes how WikiLeaks.org had to shut down its intake system for leaked documents last fall because the inflow was outpacing the site’s ability to publish the data, much of it from companies rather than governments.
Inside Investor Relations asked seasoned IR counselors to share their thinking on how to deal with this new landscape. Roger Pondel, president and CEO of PondelWilkinson, advises that ‘a leak loses its power once it’s exposed and becomes a news story. Rather than fighting it, professional communications resources must be applied to controlling the story in the media and minimising brand damage.’
Because it’s such a new phenomenon, Pondel says ‘preparing management against a WikiLeaks threat, up to now, has been rare.’ He adds that ‘high-profile companies may well be the most vulnerable in the long run. Once information is leaked, aside from conducting an internal investigation as to the source, the company must be upfront and prepared with a public statement, to get as far ahead of the story as possible with accurate messaging.’
Brad Wilks, managing director at Sard Verbinnen, says best practices have not changed, despite the new threat posed by WikiLeaks. ‘I don’t believe we are giving any substantially different advice to clients,’ he comments.
‘Obviously, every company needs to instill a culture that respects confidentiality of non-public material data that could be embarrassing – or worse – if leaked externally, and should have policies to make sure such information is safeguarded to the greatest extent possible.’
Both counselors pointed to the value of being well prepared. An unexpected leak ‘can be responded to within the context of a broader crisis response plan in which all the key players and most potential scenarios have been identified well in advance, so a team can be activated quickly,’ Wilks says.
Wilks and Pondel are also clear on the need to respond to negative information forthrightly. ‘If an instance arose in which malfeasance was implied or evident from leaked data, our advice would be to work closely with the general counsel, outside legal advisers and independent board in determining a response,’ explains Wilks.
Assange himself has some advice for companies, which he provided in the Forbes interview: ‘Do things to encourage leaks from dishonest competitors. Be as open and honest as possible. Treat your employees well.’
Business Insider Emails & Alerts
Site highlights each day to your inbox.