2018 Year in Review

2018 Crisis Year in Review

December 28, 2018

Critical takeaways

  • Social media still matters. Companies must have a presence and use these platforms in a crisis.
  • Pre-closure is the new disclosure. Be proactive, ‘take the trash out’, be clear about what you stand for and get out in front of the issue.
  • Data breach is a waning public concern but still needs to be appropriately managed. These situations can easily be prepared for and practiced in advance.
  • Speed saves. The difference between those who respond well and those who don’t is the speed of their response and the speed with which they establish trust.


Around this time each year, we at Kith like to take a look back at some of the biggest events of the year to see what lessons we can learn and identify any patterns or trends. This is an excellent way for us to develop our pattern recognition and to be able to help our clients ‘look around corners’ in similar circumstances.

I wanted to share our thoughts from the five biggest crises that we selected from 2018. I hope this helps you think about your own crisis preparedness and to develop your pattern recognition. (I also shared these thoughts in our end of year webinar which you can see here.)


What are companies preparing for?

Before we jump into what actually happened, it’s always interesting to see what companies thought might happen. Luckily, we have an excellent study from the law firm Morrison and Foerster based on interviews with hundreds of organizations, asking them what they were preparing for and the issues they were most concerned about. What companies include in their crisis management plans is a good indication of what they think their most significant challenges might be so this is a neat summary of what is front-of-mind for the respondents.

Crisis Management Benchmarking Study 2018 – Source Morrison and Foerster

Unsurprisingly, a cyber breach is the most common event that organizations are preparing for, closely followed by workplace violence or harassment. Cyber has been a significant concern for many years, so its prominence is to be expected, but it is good to see firms taking the threat of harassment or violence in the workplace seriously. One surprise for me was to see product recall in a relatively low position, but I suspect that this kind of response is ‘baked into’ most large manufacturers so it might not be something they prepare for explicitly.

Now that we’ve looked at what firms thought might happen, let’s turn to what actually happened over the last 12 months. We’re starting with one of the year’s most prominent corporate crises: an issue that has been years in the making and is far from over.


As communicators, Facebook’s multiple issues gives us a great deal of food for thought and lots of takeaways. As most people know, Facebook’s current issue began with revelations concerning how data had been shared with research firm Cambridge Analytica and how the research firm had then allegedly used that data in relation to elections in the US and Europe.

These revelations led to Congressional hearings in Washington and shortly afterward, two other damaging reports emerged compounding the company’s problems. First, The New York Times reported how Facebook was heavily reliant on spin and smear in their response to their issue including attempts to dismiss the accusations outright, engaging an opposition research firm and seeking to discredit those speaking out against the company. A second series of reports in The Times shed light on how much data Facebook was sharing with select partners, and in a recent development, even allowing some firms to read people’s personal messages. These additional revelations led to parliamentary inquiries in the UK and Europe and a general drop in public trust.

At this time, Facebook’s problems are far from over, but there are still some big lessons that we can learn at this stage.

  • This was a smoldering issue that had been years in the making, and even when concerns arose initially, it took months for people to turn against the firm. However, even though there was no ‘flash-bang’, the company should still have reacted with greater urgency and speed once the Cambridge Analytica issue was public.
  • The internal experts in Facebook were raising concerns well in advance of these being public, but these early warnings were ignored. These same experts also did a great job preparing Mark Zuckerberg for the Congressional hearings reinforcing the need for you to listen to and work with internal SMEs.
  • The Congressional hearings were a win for Facebook, but the lack of knowledge from those asking the questions prevented Zuckerberg from really telling the company’s story.
  • Their PR strategy was a failure. So much so that rather than help with damage control, it actually made the situation worse. Worryingly, their strategy seemed to rely wholly on spin and smear meaning that when these failed, they had – and still have – no strategy.


At this stage, Facebook’s path forward is unclear, and they need a big, bold pivot to move on. There are rumors that former American express CEO KEN Chennault will be named the executive chairman of Facebook which might be the kind of sea change they need. Nevertheless, I suspect the company’s woes will drag on well into 2019, and I think that we will still be speaking about Facebook in our next annual review.

Southwest flight

The next issue was much smaller but something much more tragic when, back in November, a passenger was killed after an engine malfunction on a Southwest Airlines flight. A fan blade became loose and hit the aircraft, killing a passenger in a window seat. This was a tragedy for the family of the victim, but Southwest’s response showed how a company could act with honesty, integrity, and empathy in such circumstances.

  • Southwest never lost sight of the personal nature of this tragedy and how the woman’s death affected her family and friends. This and all of their subsequent actions are closely tied to Southwest’s strong values which they live and breathe.
  • Their CEO was prepared and acted with speed and integrity, taking responsibility and apologizing immediately. In this case, their CEO was their greatest asset as he was at the forefront of the response throughout.
  • Their whole communications response was prepared, and they had practiced how to handle an issue of this seriousness. This meant that the entire organization was able to react quickly and definitively.
  • Southwest has one of the strongest corporate brands and reputations in the country which they were able to leverage in this situation, tragic though it was.


Again, we cannot lose sight of the how much of a tragedy this was for the women’s family. However, this seriousness actually reinforces the need for companies to be able to respond with compassion, empathy, and integrity to issues such as these. Similar to Facebook, albeit for more positive reasons, we have a lot to learn from Southwest.


There were several food recall incidents in 2018 but JBS, one of the country’s largest meat processing firms, was hit with three this year, all relating to salmonella. From the get-go, it appears that the firm was stuck on what we call ‘silo island’: where the tensions and a lack of cooperation between departments thwart the response. However, in addition to this ‘siloing’ problem, the whole tone and tenor of this response was wrong, and several other specific issues that we can learn from really jumped out.

  • Social media still matters. JBS conducted light social media engagement, but it was very limited and ineffective. Social media is still the primary means through which you can communicate to people in a crisis and without this, getting your message out is very hard.
  • JBS was very slow to come forward with information and seemed reluctant to explain what was going on. I like to say that pre-closure is the new disclosure and that companies cannot drag their feet when it comes to sharing what they know with the public.
  • The company totally lacked empathy in their statements and made no attempt to reassure people. Even though there were no deaths from these outbreaks, salmonella can be fatal, and food contamination issues are scary. People still need to be reassured and comforted, and JBS’s statements did not attempt to do this. An example of one statement is shown below, and while technically accurate, it does not attempt to offer comfort or reassurance.


“As a food company, our first priority is the safe production of food. While no products in this expansion have been definitively linked to any illness, we have determined in consultation with USDA’s Food Safety and Inspection Service (FSIS) that this action is in the best interests of public health. According to USDA, Salmonella can cause salmonellosis, one of the most common bacterial foodborne illnesses, which most people recover from without treatment.”

This kind of statement completely fails one of the tests of ethical and respectful communication: how would we feel if this had happened to us? Keeping this in mind and breaking down the silos could have completely changed, and significantly improved, JBS’s response.

Marriott / Starwood data breach

Morrison and Foerster’s crisis readiness benchmark study found that almost 20% of firms surveyed were most worried about a cyber incident and sadly, these just seem to be a fact of life these days. Nevertheless, despite some degree of public acceptance that these events will happen, companies should still take care in the aftermath.

Unfortunately, Marriott / Starwood fumbled their response to the loss of over 500 million customer records this year, but their faults remind us of what to keep in mind.

  • They didn’t mind the trolls, those who would take advantage of this kind of event to send out false communications or set up fake web pages with the hope of spoofing people. Marriott’s poor response left the door wide open for other malicious actors to take advantage of this crisis to exploit others.
  • Marriott’s own emails made this problem worse as they used an odd domain address (mail.marriott.com) instead of something that was clearly owned by Marriott, meaning that their own emails appeared suspicious. People are already wary in this kind of situation so any additional confusion will thwart your communications and prevent your message from getting out.
  • Another problem was similar to JBS above – they were reactive, not proactive. They knew about this event for some time before finally coming forward which further eroded trust in what they were doing and saying. As I said, pre-closure is the new disclosure.
  • They underestimated the personal nature of a data breach. Even though breaches are much more common and not as high profile as years past, the loss of personal information is still important to people.


Throughout all of this, it seems clear that Marriott had not properly prepared for this kind of event. This is despite the fact that because of the sheer number of data breaches, the way to respond to these effectively is well understood. If they had prepared and exercised for this kind of scenario, they would have been in better shape and could have responded much more effectively.

Papa John’s

The final crisis we looked at was one that is more unusual but a situation that could happen to any firm where their brand is essentially one person.

CEO and founder of Papa John’s Pizza, ‘Papa’ John Schnatter, has an alleged history of making insensitive and crass remarks so this was a smoldering issue, but his comments on a call with a marketing agency were sufficiently serious that the firm quit in protest. Not long afterward, the contents of the call became public, raising concerns over Schnatter’s remarks and conduct and casting Papa John’s in a very poor light turning this into an acute problem. Given the severity of this issue, and because this wasn’t an isolated incident, the Board asked Schnatter to stand down.

This was definitely the right decision to make, but the challenge of firing the face of the brand and the subsequent fallout makes this very a hard situation to manage. Two strengths in their response stood out to me.

  • You have to have a Plan B for situations like this. Papa John’s did, and they were executing on that plan as soon as Schnatter was fired.
  • The Board kept focusing on and repeating the company values, the same values that helped them come to this decision. Focussing on these values will help them stay the course.


This is still an ongoing issue, and Schnatter is responding very aggressively to his firing so Papa John’s will be managing this for a while. However, it is an interesting case and one that shows that ‘key man’ companies can survive the loss of that key man.

So that’s out the roundup of 2018. It’s going to be interesting to see how some of these shake out in the New Year, and I suspect that one or two of these events might also make our 2019 list.

We learn a lot from these exercises, and I hope that by sharing our thoughts, you will benefit too and enhance your own ability to ‘look around corners’. We encourage you to take some time and sit with your team to discuss these issues and ask yourself “What if this it happened us? How would we respond?”

All that is left is to wish everyone happy holidays and the best wishes for 2019 from everyone here at Kith.

Filed under: Blog


Bill is a reputation management, crisis communications and professional development expert, keynote speaker, Wall Street Journal Risk & Compliance panelist, and best-selling author of Critical Moments: The New Mindset of Reputation Management. He has more than 25 years of global experience managing high-stakes crises, issues management, and media relations challenges for both Fortune 500 companies and winning global political campaigns.