1) Adjust to the new normal - Business won’t and shouldn’t be the same after a crisis. Stakeholders will look at you differently, your actions will be judged against a new standard and how the company operates on a day to day basis may be fundamentally altered. Everyone from senior management through to frontline staff need to recognise and adjust to how the organisation has changed and consider this new normal when it comes to making decisions about its future.
2) Play the long game - Businesses can be quick to ‘move on’ from a crisis but in doing so run the risk of alienating stakeholders. Affected customers and employees have long memories so any business decisions need to made with one eye on how those impacted by the incident may respond.
3) Commit to the learnings - I have lost count of the number of businesses I have seen undertake a comprehensive review of a crisis only for it to sit on a shelf gathering dust. When you’ve done your review, create an action plan assigning tasks and deadlines and commit to making sure changes actually happen.
As for Talk Talk, this isn’t their first issue with data security. As such it’s vital they get their approach to crisis management right in the short and long term. If not, understanding may be in short supply if the worst happens again.