Tech Matters- Crisis Management in a Digital Age

Tech Matters- Crisis Management in a Digital Age
02 Oct 2019



In this digital age, a seemingly small issue left unmitigated may grow viral in a matter of minutes at an uncontrollable scale. With the advent of social media, a local problem could be propagated to become a global crisis in a matter of seconds; all emanating from the seed of a single online post misaligned with the corporation’s core messaging. Digital disruption has reinforced the urgent need to have a strategic and coordinated crisis response that fans the flames of crisis in time. To be prepared, organisations would have to put in place a robust crisis management plan to mitigate the effects of such crises. There is no better time to be prepared than peace time.

360 effect on your organisation

Your company may not be able to predict what form the next crisis would take, but there are structures that can be set up to strategically mitigate the damaging effects of a crisis when it does take place. In many sectors, a crisis is not a matter of if, it is a matter of when. There are a whole host of threats that could trigger a crisis in an organisation, including:

  • Corporate scandals, leadership misconduct, unethical behaviour, corruption and fraud-related issues;
  • Environmental, health and safety lapses and negligence, including those that result in product recall;
  • Technology failure; including compromise in network vulnerability that results in leak of confidential information and breaches in Data security; and
  • Operational failures; supply chain disruptions (for example, those in relation to the trade war between China and the USA);
  • Non-compliance with laws and regulations; and
  • Internal espionage; and leak of proprietary information to competitors.

These threats can seriously disrupt your business operations, and have crippling reputational impact on your organisation, including on subsidiaries, sister companies and the parent company. The extent of damage is multiplied through digital platforms. A disgruntled individual or purported victim could damage your organisation by posting negative comments or fake news online. Such comments may spread rapidly and globally through reposting on social media. Social media can even be used to galvanise revenge attacks on your organisation.

What this means for your organisation

A crisis can hit your organisation at the most inopportune time. When a crisis happens, your organisation would be required to make quick decisions and take swift remedial actions to contain the aftermath. It is therefore important to engage in advance planning. This is to reduce the disruption and mitigate the costs and losses to your organisation.

Mitigating the effects of a global crisis

It is imperative that the crisis be effectively managed within the first 72 hours of its occurrence. This is to prevent the crisis from escalating to a global scale with widespread devasting effects.

It may not always be possible to avoid a crisis, but there are steps that organisations can take to mitigate the effects of a crisis. The key is to have a timely and coordinated response to contain the situation. Organisations should consider implementing the following:

1. Crisis committee

It is vital for your organisation to have a crisis committee be on standby and ready to respond to any given situation. The crisis committee should comprise key personnel in your organisation, including senior directors heading the various departments in the organisation. This will facilitate cross-departmental coordination when an emergency arises. It would be common for a crisis committee to comprise of the higher management, the General Counsel, operations IC and Head of (Digital) Communications.  

A key priority in the first 72 hours of a crisis would be to ascertain facts urgently. The crisis committee should, during peacetime, be trained on the fact-finding workflows and systems that should be triggered during the early stages of a crisis, to gather as much facts as effectively as possible.

The crisis committee should take charge of developing a strategy to guide the organisation. The strategy should be in line with the organisation’s core values, policy and business continuity plans. The strategy formulated should then guide the crisis committee in formulating a crisis management plan with concrete action steps to take in the event of a looming crisis.

2. Escalation protocols – when a situation becomes a crisis

There should be clear guidance set in an organisation’s escalation policies on the indicators on when a situation needs to be escalated (before it evolves into a crisis) and the relevant personnel to activate to handle the situation as the crisis develops. This is so that the organisation’s resources can be optimised. Some situations can be dealt with swiftly by an in-house team. Larger scale crises would require the involvement of senior management and sometimes even external service providers.

This will help the organisation identify the early signs of a crisis and to take swift remedial actions. The crisis can be contained in its early stages without escalation

3. Consistent Messaging - Engaging with stakeholders

A crisis can have serious negative reputational impact your organisation. It is therefore imperative that the organisation deal with this issue head on by engaging the relevant stakeholders, such as purported victims and their lawyers, the media, investigatory and regulatory authorities, the general global and digitally savvy public, and even shareholders.

Accurate, consistent and timely communication of information is key. The organisation’s crisis messaging has to be built around the facts gathered. No matter which part of the corporate structure, from the middle management to the client facing ground staff, everyone has to convey a consistent message and talking points whomever they speak to. Structures will need to be put in place to ensure consistent messaging across the board. As such, it is also imperative to choose someone to engage in speaking on behalf of the organisation as a spokesperson.

Ideally, all communications with external parties should be disseminated from a centralised unit but that may not always be possible in the digital age.

4. Post-mortem

Each crisis presents an opportunity for the organisation to review and refine its crisis management strategy. The crisis committee should review the root causes of the crisis, the organisation’s response to the crisis and develop ways to prevent a similar crisis from happening in future.

The crisis committee can engage in simulation exercise to build up confidence and enhance the organisation’s response to a crisis situation.

Our expertise

We can draw on our international network to manage crisis of a global scale, and are well placed to guide our clients to coordinate, manage and contain the crisis, including the following: 

  • Advise and develop a crisis management strategy in line with your organisation’s existing internal policies;
  • Coordinate with external parties, including the government, regulatory authorities and third-party service providers;
  • Assist and facilitate internal investigations;
  • Advise on corporate liability, corporate governance and other related issues;
  • Develop and implement public relations and media strategies;
  • Advise and represent in negotiation, mediation, litigation and arbitration; and
  • In relation to data breaches, draft privacy policies, review and update existing data privacy policies and practices and conduct data privacy training and education workshops for your employees

For further information, contact:



Antonius Alexander Tigor

Telkomsel, Head of Digital Business Compliance



Shaun Leong

Partner, Eversheds Harry Elias

+65 6361 9369                              



Geraldine Toh

Legal Associate, Eversheds Harry Elias

+65 6361 9837