Security Operations

Do you have the critical tools and practices in place to effectively communicate with your employees in times of crisis? See our recommendations below.


Whether your employees are working remotely or in the office, it’s crucial that they know their wellbeing and safety are protected. This is even more important to organizations that wish to attract and retain top talent. In fact, a Qualtrics study found that 71 percent of U.S. jobseekers prioritize an employer’s ability to ensure its workforce’s physical safety and wellbeing when deciding where to work. 

Yet, a recent Dataminr-commissioned survey conducted by Forrester Consulting revealed that 70 percent of security and risk leaders globally experienced at least two critical risk events that endangered their organization over the past year, with an alarming number of leaders lacking an adequate understanding of the systemic risks their organizations face.

To better safeguard their people, security professionals need to efficiently and effectively communicate with employees when a crisis or high-impact event occurs. Here we outline six best practices for how to effectively communicate with employees before and during.

Be prepared—far in advance

Prepare, prepare, prepare. This includes knowing what your risk exposure is and having a crisis communications plan in place. Both will help to ensure business continuity should your organization be hit with a crisis. 

When security and risk teams know what their risk exposure is, they have a full understanding of who and what might be exposed to risks and threats. Take for instance retailers. Their top known risks include extreme weather, crime and geopolitical events—which put their employees, customers, stores, online sites and supply chains at risk. But with that type of information in hand, organizations are able to maintain a high level of situational awareness, allowing them to better prepare for, mitigate and respond to potential crises and major disruptions. 

Crisis communications plans help ensure organizations are as prepared as possible for both the expected and the unexpected. Those that are the most effective account for the need to notify, communicate and collaborate with employees. Answers to critical questions, such as who is responsible for confirming the safety of affected employees, have already been determined. 

As such, security and risk teams—and key business partners, like HR and corporate communications leaders—can communicate with impacted employees more quickly and effectively during a crisis.

Confirm the safety of your employees

As soon as you are alerted to a potential risk to the health and safety of your employees, immediately notify them of the threat. Not only is it the right thing to do, it’s part of organizations’ duty of care obligations—the moral and legal responsibility of a company to ensure the safety and wellbeing of its employees. This holds true whether employees are traveling, working remotely or in the office. 

A proven method for warning employees is a two-way notification system. Such systems enable organizations to quickly notify employees of a risk—such as a severe, impending storm—via SMS, voice or email. Employees are then able to confirm their safety.

Different types of notifications require different actions. The most common are: FYI (for your information) only, soft acknowledgement and hard acknowledgement. The latter applies when there is a potentially life-threatening event or situation, such as severe weather, public health emergencies and workplace violence. 

As such, when reaching out, it’s vital to let employees know the action(s) you expect them to take. For example, you could ask if they are unsafe or need emergency assistance by requesting one or two text responses: 1=OK, 2=HELP!  

Security and risk teams that use Dataminr Pulse can leverage both its real-time alerting and two-way notification capabilities to ensure they identify potential risks within seconds or minutes of an occurrence and then notify only the affected employees—in real time—of those risks. 

Disseminate critical information quickly

In times of crisis, employees are easily overwhelmed by the large volume of information that often comes their way, particularly when it comes from multiple sources simultaneously. Organizations can help alleviate this by:

  • Disseminating key messages quickly and succinctly. But only after having first confirmed the known facts of the situation and finalized an emergency response plan.
  • Refining messages down to a few digestible key points. This will help minimize stress and make sure employees are clear on what the next steps are.

Key messaging will vary for different types of crises, including natural disasters, bomb threats, cyber attacks and more.

Notify employees through multiple channels

Today’s employee notification systems employ at least three modes of communication: email, SMS and voice. Some include a mobile app that is used for business travel. It’s crucial that organizations have multiple ways of communicating. If one mode of communication fails, there are others to rely on—preventing any delays in notifying employees.  

Ensuring multiple modes of communication is also essential to reach employees who have limited access to communication channels. For example, when an employee traveling for business is in a country with poor cellular coverage or unreliable SMS messaging agreements. In those instances, contact them via email or voice modes will prove most effective. 

Other times, such as when an employee is out to sea on a ship, communications are confined to a singular channel like satellite WiFi. In that case, email is the only option for notification. The goal is to ensure your organization has various ways to reach employees. 

Be transparent

During the height of a crisis, it is important to be honest with employees about what is known and what is not. Employees need to be able to trust leadership and the messaging contained in the communications they receive—even if the news is bad or if leaders have to admit that they don’t yet have the answers. 

While sticking to the facts will help ensure communications are clear and more easily understood, demonstrating empathy is equally crucial. Inform employees quickly and accurately, without making estimations or assumptions, and demonstrate that the organization is proactively taking steps to ensure their safety. 

The tone of how an organization and its leaders communicate is critical to employees’ safety. During an emergency, it is vital to use a calm and people-centered approach. While emotions always run high during a crisis, avoiding unnecessary panic will allow employees to respond to directions appropriately and make rational decisions.

Take for example the video that Marriott CEO Arne Sorenson released during the height of the COVID-19 pandemic. He was direct, addressed key concerns like job security and yet showed immense, heartfelt concern for his employees. 

Given the wide range of security threats faced by today’s organizations and employees—which have become more frequent, impactful and unpredictable—there is no single best way to handle internal, crisis communications. Different types of threats will be handled differently, with each organization forming a unique communications plan in accordance with its employee base and business strategy and needs. 

What is of the utmost importance is taking the proactive measures required to keep employees safe, connected and informed, whatever their working preference or location. 

Learn more about how Dataminr Pulse can help you effectively communicate with employees in times of crisis.

April 13, 2023
Risk in real time

Risk in Real Time newsletter

Sign up for our monthly newsletter for the latest on security and business trends, news and insights.

SUBSCRIBE
  • Security Operations
  • Corporate Security
  • Insight

Related resources

Insight

Are Your Vendors Exposing Your Organization to Vulnerabilities?

Vendors don’t always disclose their vulnerabilities, which could leave both organizations and customers exposed. Learn how real-time cyber threat intelligence can mitigate the risk.

Insight

Prepare for Your Next Board Meeting: A Checklist for CISOs

CISOs increasingly have a seat at the executive table, but face challenges speaking the language of stakeholders. This checklist reveals how and what CISOs need to communicate to the board to obtain buy-in of cybersecurity strategies and budget.

Insight

Innovate or Stagnate: Why CSOs Must Embrace an Innovation Mindset

Chief security officers are managing unprecedented levels of disruption—requiring them to not just adapt, but innovate, if they are to effectively safeguard their organization and strengthen resilience.