Back to skills
extension
Category: OtherNo API key required

Crisis Communications Coach

Coach a CEO, CMO, head-of-comms, or general counsel through a corporate crisis communications event — security breach, data leak, product outage, executive m...

personAuthor: charlie-morrisonhubclawhub

crisis-communications-coach

Coach an executive team through a corporate crisis communications event. The first 24 hours determine 80% of the outcome; bad early decisions compound for months. Most crises are survivable; mishandled crises become the defining story of the company.

This is not general PR / brand work. This is real-time response under pressure with legal, regulatory, and reputational stakes.

When to engage

Trigger when:

  • "We have a crisis right now"
  • "Data breach disclosed; customers asking questions"
  • "Major outage hour 4 — customers raging on Twitter"
  • "Press just contacted us about [allegation]"
  • "Executive misconduct claim from former employee"
  • "Regulator has opened an inquiry"
  • "Customer made viral negative post — what do we do?"
  • "We're about to disclose [bad thing]; how do we frame it?"

Do not engage for: routine PR messaging, brand-building, product launches, typical media-relations work (use a different framework).

Step 0: First-hour response

The first hour after a crisis emerges sets the tone. Treat it with extreme discipline.

Activate incident command

  • CEO + General Counsel + Head of Comms + relevant function head (CISO for breach, CTO for outage, CHRO for personnel issues) form the crisis team.
  • One designated decision-maker (usually CEO or COO).
  • One designated comms lead (Head of Comms or external crisis-comms firm).
  • One designated note-taker; everything is logged with timestamps.

Suspend routine comms

  • Pause scheduled marketing emails, social posts, PR pushes.
  • All inbound press goes through one funnel.
  • All employee communications go through one channel.
  • Hold non-essential meetings / customer calls until you have your bearings.

Gather facts

  • What happened? (Confirmed facts only.)
  • What's the scope? (Who's affected? How many?)
  • What's known vs unknown?
  • What's the timeline?
  • Who else knows internally?
  • Has it leaked publicly? (Search Twitter, Reddit, Google Alerts.)

Issue a holding statement (within 1-2 hours, sometimes faster)

Even before full investigation, acknowledge:

  • "We're aware of [event]"
  • "We're investigating"
  • "We will provide an update by [time]"
  • "Our priority is [customers / safety / etc.]"

Don't speculate. Don't deny. Don't apologize for things you don't know happened. Acknowledge that you're aware and you're acting.

Priority stack

Crises involve trade-offs. The standard priority order:

  1. Legal exposure / liability — Counsel reviews every external statement. If counsel says "do not say X", don't say X without escalation.
  2. Customer safety — If customers are at physical or financial risk, communication moves faster than perfect.
  3. Customer information / consent — Privacy, breach notifications, transparency obligations.
  4. Employee morale — Internal communication usually beats external; employees should hear from the company before they hear from CNN.
  5. Press narrative — Shape the story rather than letting it be shaped for you.
  6. Investor relations — Major financial / reputation events affect stock or fundraising.
  7. Regulatory posture — Pre-empt regulator inquiries with proactive disclosure when appropriate.
  8. Partner relationships — Channel partners, vendors, customers' customers.

Re-prioritize for context. A breach inverts to: customers > regulators > legal > employees > press > investors. An executive-misconduct case inverts to: legal > employees > board > customers > press.

Truth, positioning, and the balance

Don't lie

  • The internet remembers. Lies surface within days; the second story (the cover-up) is always worse than the first.
  • "We have no evidence of X" can be honest if true; "X did not happen" without certainty is reckless.

Don't speculate

  • "We're investigating" is fine.
  • "We don't yet know whether [X]" is fine.
  • "It's likely caused by [Y]" — only if you're 95%+ certain.

Do over-communicate when facts are clear

  • Once you have facts, share them faster than competitors / press / customers expect.
  • Silence becomes the story.

Don't apologize for unproven harm

  • "I'm sorry this happened" — fine.
  • "We acknowledge harm and accept responsibility for X" — only when verified.
  • Premature accountability can create legal exposure on harm you didn't actually cause.

Don't make promises you can't keep

  • "We will refund every affected customer" — only if you've actually committed and budgeted.
  • "We will fix this within X days" — only if you have a real plan.

Audience-specific messaging

Each audience requires tailored communication. Don't blast one statement everywhere.

Customers

  • Email or in-app message, not just blog post.
  • Direct: what happened, what it means for them, what to do, what we're doing.
  • Affected vs unaffected: explicitly tell affected customers; don't make them dig.
  • Tone: empathetic, factual, action-oriented.
  • Channel: their primary contact channel + secondary backup.

Employees

  • All-hands or mass-email, before external announcements when possible.
  • Internal-only details (more candid than public).
  • "Here's what we're saying externally" — give them the public messaging so they don't get caught off-guard.
  • Q&A session if scope is significant.
  • Manager toolkit for handling team-level questions.

Press

  • Designated spokesperson (not multiple; voices align).
  • Holding statement → full statement → Q&A as fact pattern develops.
  • Decisions:
    • Proactive press release vs respond-to-inquiries-only.
    • Exclusive to one outlet vs broad embargo vs press conference.
    • On-record vs background vs off-record.
  • "No comment" is sometimes correct but rarely; usually a brief acknowledgment is better.

Regulators

  • Often required by law (breach notifications: 72 hours in EU GDPR, varying in US states).
  • Counsel-led, with regulatory affairs.
  • Tone: transparent, complete, cooperative.
  • What you say to regulators may become public via FOIA / disclosure.

Investors

  • Schedule call within 24-72 hours of major event.
  • Brief written statement (1-2 pages).
  • Honest assessment of impact.
  • Forward look on remediation, financial impact, narrative.
  • For public companies: 8-K filing if material.

Partners (vendors, channel partners, customers-of-customers)

  • Direct outreach to top-tier partners.
  • Standard messaging: facts, actions, partner-relevant impact, your support commitment.

Social media (broader audience)

  • Initial brief acknowledgment (matches holding statement).
  • Don't engage in arguments.
  • Don't delete negative comments (escalates).
  • Don't auto-respond with stock messaging.
  • Update post with edits as situation develops, with timestamps.

Holding-statement design

Standard holding statement (60-150 words):

We're aware of [event] that occurred [time] and affected [scope, if known].
Our team is actively investigating and we are taking immediate action to [stated priority — e.g., contain, secure, support customers].
We will provide an update by [time, typically 4-12 hours].
Affected customers can reach us at [contact].
Our priority is [customer safety / data protection / restoring service].

Key elements:

  • Acknowledge.
  • Commit to investigate / act.
  • Set next-update timeline.
  • Provide affected-party support channel.
  • State priority.

Avoid: speculation, premature apology, blame, evasion.

Full-statement design

Once facts are clear (typically 12-72 hours):

What happened: [factual summary, scope, timeline]
Who's affected: [specific groups with numbers if known]
What we're doing: [containment, remediation, support actions]
What we're not certain about yet: [honest acknowledgment of unknowns]
Our accountability: [what went wrong, what we're changing]
Our commitments: [specific actions, with timelines]
How affected parties can get support: [channels, escalation path]
Next update: [if more is forthcoming]

Format depends on channel: blog post + email + press release + investor brief, often coordinated.

The legal-comms tension

Counsel and comms have different priorities:

  • Counsel: minimize legal exposure → say less, qualify everything.
  • Comms: protect narrative and trust → say more, be human.

Common conflicts:

  • "I'm sorry" — counsel often blocks (admission of fault).
  • "We will refund" — counsel may block (precommitment).
  • "It was caused by [vendor]" — counsel almost always blocks (litigation risk).
  • Apologies in user-facing statements vs legal-defensive language.

Resolution:

  • Empathy without admission: "We deeply regret the impact this has had" (regret ≠ legal admission of fault).
  • Action without precommitment: "We are working with affected customers individually."
  • Accountability without naming: "We are reviewing our processes" rather than "the third-party vendor caused this."

When to push back on counsel:

  • When silence creates worse legal/reputational exposure than action.
  • When the legal-conservative language is so empty it damages credibility.
  • When the public has clear evidence already; denial isn't credible.
  • Always with the General Counsel personally, never around them.

Press strategy

Proactive vs reactive

  • Proactive (announce before press finds out): when scope will become public anyway, proactive shapes narrative.
  • Reactive (respond when asked): when scope is contained and proactive raises more questions than it answers.

Exclusive interview

  • Sometimes effective: gives one outlet depth, treats them as partner, controls narrative.
  • Risk: alienates other outlets; can backfire if interview goes poorly.
  • Use when: you have a complex story to tell, the outlet is sympathetic / serious, there's no time pressure for broad communication.

Public statement only (no interviews)

  • Written statement covering essential information.
  • No follow-up interviews.
  • Best when: facts are still developing, legal exposure is high, executive isn't available / prepared.

Press conference

  • High-stakes, broadcast simultaneously.
  • Reserve for: major reputational events, regulatory announcements, strong executive presence required.
  • Risk: questions can derail; requires extensive preparation.

"No comment"

  • Rarely the right answer publicly.
  • Better: brief acknowledgment + reason for limited info ("We're in active investigation and can't share details at this time").

Social media response

What to post

  • Match the holding statement; brief acknowledgment + commitment + update timeline.
  • Pin to top of profile.
  • Update as facts develop.

What not to do

  • Argue with commenters.
  • Delete negative comments (becomes the story).
  • Auto-respond with templated messaging.
  • Joke or post unrelated content during active crisis.
  • Post during the crisis from accounts unrelated to the issue.

Executive personal posts

  • Sometimes effective (CEO personally addresses customers).
  • Risk: every personal post becomes part of the story.
  • Coordinate with comms team; never freelance during crisis.

Specific crisis types

Data breach / security incident

  • Required disclosures: GDPR 72 hours, US state laws vary (typically 30-60 days).
  • Customer notification: required for affected individuals.
  • Regulator notification: often required.
  • Credit monitoring offer: standard for material breaches.
  • Avoid: minimizing scope, hiding "low-impact" details that turn out to be high-impact.

Product outage

  • Status page: real-time updates.
  • Incident commander identified publicly.
  • Post-mortem within 5 business days (technical + accountability).
  • Customer compensation: SLA credits, sometimes additional good-faith credits.
  • Avoid: blaming third parties (cloud provider, etc.) — they may be the root cause but the customer relationship is yours.

Executive misconduct allegation

  • Legal team and HR lead.
  • Independent investigation typically required.
  • Suspension during investigation often necessary.
  • Public statement usually delayed pending investigation.
  • Avoid: defending without facts, attacking accuser (universally backfires), blocking media access.

Customer-harm incident

  • Immediate care for affected customer (medical, financial, etc.).
  • Investigation of root cause.
  • Communication to affected + similar customers.
  • Compensation framework.
  • Product changes if needed.
  • Avoid: treating one customer's case in isolation when others may be similarly affected.

Regulatory action

  • Counsel-led entirely.
  • Public statement typically minimal: "We are cooperating with [regulator] on [topic]."
  • Disclosure obligations: 8-K for material public-company actions.
  • Avoid: speculation about outcome, public attacks on regulator.

Hostile media coverage

  • Distinguish: factually wrong vs unflattering-but-true.
  • Wrong: request correction; provide evidence.
  • Unflattering-but-true: respond with context, not denial.
  • Don't sue for press coverage unless coverage is defamatory and damages are significant — lawsuits become bigger story than the original.

Viral social-media incident

  • Within hours: brief acknowledgment.
  • Within 24 hours: action + statement.
  • Don't fight virality; address substance.
  • Single individuals (employee misbehaving on video, etc.): address individual + structural response.

Founder is the cause

  • Hardest scenario. Requires founder + board alignment.
  • Possible outcomes: founder steps back / steps down / takes leave / receives counseling / continues with corrective action.
  • Often pairs with founder-CEO-firing-coach scenarios.

Post-crisis recovery

Root-cause communication

  • 30-60 days post-crisis: comprehensive analysis + corrective actions.
  • Builds credibility for future trust.
  • Includes: what went wrong, why it went wrong, what's changing, what to expect from us going forward.

Customer reassurance

  • Direct outreach to affected customers.
  • Refunds / credits / extended trials as appropriate.
  • Executive 1:1s with major affected customers.

Employee retention

  • Active conversations with at-risk talent.
  • Manager training on handling external questions.
  • Anniversary / refresh grants if needed.
  • Honesty in town halls about lessons learned.

Investor confidence rebuild

  • Quarterly progress reports on remediation.
  • Consistent metrics demonstrating recovery.
  • Don't oversell; let actions accumulate.

Narrative reset

  • Wait until recovery is real (typically 6-12 months).
  • Then: signal a new chapter (new product launch, new exec hire, strategic milestone).
  • Don't pretend the crisis didn't happen; integrate the lesson into the company's story.

Anti-patterns

  • Silence in the first hours. Becomes the story.
  • Over-promising. Walking back commitments later is its own crisis.
  • Apologizing for unproven harm. Creates legal exposure.
  • Lying or shading the truth. Always surfaces; second story worse than first.
  • Multiple spokespeople. Different voices say different things; trust erodes.
  • Attacking accuser / press. Universally backfires.
  • Deleting evidence. Tweets, comments, posts. Becomes obstruction.
  • Skipping employee comms. Employees become the leak.
  • Hiding behind PR statements. Customers see through.
  • Crisis fatigue / autopilot. Treating each new crisis like the last; each is unique.

Workflow

Pre-crisis (preparation)

  • Crisis-comms playbook documented.
  • Crisis team identified; roles defined.
  • Templates pre-drafted (holding statements, press releases by category).
  • Scenario tabletop exercises (annual minimum).
  • Spokesperson media training.
  • External crisis-comms firm on retainer (optional but recommended for high-risk industries).

During crisis (active)

  • Hour 1: assemble team, gather facts, holding statement.
  • Hour 2-12: investigation, audience-specific drafts, legal review.
  • Hour 12-72: full statement, audience-specific rollout, media engagement.
  • Days 3-7: ongoing updates, customer support, employee communication.
  • Days 7-30: action implementation, narrative monitoring.

Post-crisis (recovery)

  • Day 30-60: root-cause communication.
  • Day 60-180: relationship rebuild.
  • Month 6-12: narrative reset.
  • Annual: lessons-learned exercise, playbook update.

Integration with other coaches

  • founder-CEO-firing-coach: when crisis triggers leadership transition.
  • board-meeting-prep-coach: crises always involve board; prep is critical.
  • enterprise-sales-coach: customer-facing impact during crisis.
  • nrr-recovery-coach: crisis-driven churn requires recovery work.
  • chief-of-staff-onboarding-coach: CoS often coordinates crisis response.

A crisis tests the entire company. The communications function is the most-visible, most-time-sensitive part. Get the first 24 hours right; everything else gets easier.