News

‘Communication would have avoided the chaos’: Crisis comms experts weigh in on CrowdStrike debacle

July 25, 2024 9:56
by

The company behind last week’s unprecedented global IT outage, CrowdStrike, has received widespread criticism on the PR front for not issuing an immediate apology. Despite the chief executive and president later doing so via television appearances, some of Australia’s leading crisis comms experts say better communication was needed.

On Friday, the cybersecurity firm made a software update to devices using its services, resulting in thousands of computer systems crashing globally. In Australia, and around the world, countless large companies were affected, including banks, airlines, media companies, supermarkets and more.

Major airlines were forced to ground all flights; supermarkets were forced to shut.

While CrowdStrike quickly identified the problem, and George Kurtz, chief executive, posted on social media platform X to confirm it was not a cyberattack, and his team had deployed a “fix”, there was no immediate apology.

“The main criticism of Crowdstrike CEO George Kurtz’s initial response was a lack of an immediate public apology,” Benjamin Haslem, director of media and public affairs at Icon Reputation, told Mumbrella.

“That’s definitely a fail on one crucial element of crisis communications, but in the history of PR disasters, Crowdstrike’s response to possibly the biggest computer crash in history was overall relatively good.”

Haslem referred to the four ‘Rs’ of PR – recognise, respond, regret, remediate: “Kurtz failed on regret but Crowdstrike did successfully start to implement the other Rs.”

Kurtz eventually did a television appearance apologising for the outage, as did CrowdStrike’s president, Michael Sentonas.

In an exclusive interview with Sky News Australia, Sentonas remarked: “We got it wrong and we’re deeply sorry.”

Nick Johnston, partner at Acumen Advisory, added: “CrowdStrike’s delayed apology almost certainly arose from the ever-present tension in a crisis – the tussle between making an apology and protecting your legal position.

“This underlines the need for legal and PR operatives to understand each other before the crisis hits. With such understanding, there is always a way to say sorry without aggravating legal liability.

Nick Johnston

“CrowdStrike got it right with an apology in the end but it missed the opportunity to do this right from the start and suffered reputational damage. The cyber world shows how speed is critical in responding to a crisis.”

Phoebe Netto, managing director at Pure Public Relations, told Mumbrella the cybersecurity firm should have communicated quickly, and often.

“They should have committed to providing regular updates every 30 minutes – one hour so that anyone impacted knew what to anticipate and where to go for updates,” she explained. “This communication would have avoided the chaos of the unknown and long, frustrating periods of silence that many customers ultimately experienced.”

She said not only should CrowdStrike have been communicating more efficiently, as too should have the affected businesses.

“While CrowdStrike needed to give explanations, updates, apologies, and advice on rectifying the situation, every affected business should have done the same. Although they were not responsible for the problem or the solution, reassuring clients and managing their frustrations should have been a priority,” she said.

Phoebe Netto

“With better communication, CrowdStrike could have supported its clients to do this. Instead, they missed a crucial opportunity to invest in client relationships and reduce the strain. Priority needed to be given to rectifying the situation in a way that was accessible to all who were impacted – not just their larger customers who had access to their portal.”

She stressed that every update should have mirrored the emotions of those impacted.

“And finally, they should be listening, not just talking,” Netto continued.

“Listen to the experience of your customers, listen to the questions being asked regarding what your business offers, listen to what’s being said by other people, and adapt your message accordingly.”

Haslem said the cybersecurity firm was lucky in one regard – the crisis unfolded and was mostly dealt with while the Northern Hemisphere slept, minimising the effect on crucial services.

Benjamin Haslem

However, he stressed that CrowdStrike’s reputation has been massively damaged, and it will take a lot to win back customer loyalty.

“It needs to demonstrate that a repeat won’t happen and explain what measures have been taken to ensure that,” he concluded. “Most of us had never heard of Crowdstrike. Everyone knows them now. The hard work lies ahead.”

It is understood Sefiani Communications, part of Clarity Global Group, is CrowdStrike’s Australian comms agency of record.

Mumbrella contacted Robyn Sefiani, who declined to comment.

Got a tip?

Lauren McNamara is the associate editor at Mumbrella, covering the creative and PR beat. She joined in November 2022 as editorial assistant, after completing a Bachelor of Communications (Journalism) at UTS.

topics Acumen Advisory Benjamin Haslem Crowdstrike Icon Reputation IT outage Nick Johnston Phoebe Netto Pure Public Relations

Have your say

or

Comment anonymously

Your comment will be marked as unverified



ADVERTISEMENT
Latest

Jack Post departs The Christian O’Connell Show

AI isn’t coming for your job — it’s already here

Kyle and Jackie O 'go rogue' in another Melbourne campaign

James Warburton back in the driver's seat at Supercars

Yahoo's Andrew Gilbert appointed to lead Afterpay challenge

Get the latest media and marketing industry news (and views) direct to your inbox.

Sign up to the free Mumbrella newsletter now.

"*" indicates required fields

 

You don't have credit card details available. You will be redirected to update payment method page. Click OK to continue.

SUBSCRIBE

Sign up to our free daily update to get the latest in media and marketing.