Reputation Risk Q&A – Richard Levick (2 of 2)


This is part two of a reputation risk Q&A with Mr. Richard Levick; President and CEO of Levick Strategic Communications in Washington, DC.

Part one can be found here.

6. In your opinion, how do you distinguish between worst-case reputation loss versus expected reputation loss?

Richard Levick: One word – experience. That’s how you anticipate what’s coming next and prevent the worst-case scenario from coming to fruition. It’s all about staying one step ahead.

Today, the period of time between the gating event that alerts you to a brand crisis and the bet-the-company moment is increasingly indistinguishable. When video of two Domino’s employees defiling customers’ food was posted to YouTube earlier this year, one million people – a number greater than those who subscribe to The New York Times or The Wall Street Journal – had viewed it within the first 48 hours. What that tells us is that crises now move faster than ever before and that companies have to be ready to act at moment’s notice. That means preventing and responding to reputational risks and crisis needs to be in the DNA. You don’t get that by accident. Or maybe you do, but at a terribly high price.

To do it right and prepare ahead of time means knowing what regulators, Congress, or state attorneys generals are going to do next. It means anticipating the next moves of the plaintiffs’ bar. It means monitoring the blogosphere and other social and digital media for intelligence as to where the traditional media may soon be heading. It means identifying likely company risks now and extrapolating what this means in terms of Search Engine Optimization, High Authority Bloggers, and social media. If you are reading this last sentence and don’t understand what I mean, your company is at far greater risk than you think.

To get started, build a relationship with crisis managers now – before you need them – so that you can build the trust that fast action demands. In crisis, you’ve got to see how the dominos – no pun intended – are lined up and know how they’re going to fall. It’s the only way to keep up with a news cycle that is now measured in minutes, not hours.

7. What are the key controls an information security risk analyst should take into consideration when assessing reputation loss impact (or magnitude)?

Richard Levick: With virtually every traditional journalists now regularly reading blogs for story ideas, careful monitoring of the blogosphere provides invaluable intelligence as to the scope of the reputational damage that may result from IT security breach.

That means knowing the high-authority bloggers – those with the greatest influence over perceptions – that cover your industry. And it also means being ready to engage them should a data breach occur. By bringing bloggers into the fold, companies allow themselves an opportunity to shape the narrative before it influences the traditional commentary to follow – and thus limit the reputational damage potential at play.

8. Do you have any tips for effectively communicating reputation risk to middle management and executive leadership?

Richard Levick: In today’s media environment, the C-Suite has to know that everything it does – or chooses not to do – can potentially impact the corporate brand. That means always thinking like your consumers, investors, regulators, and stakeholders that run the gamut – and taking their perceptions into consideration whenever a decision that could potentially impact these audiences is made.

I think middle managers need to own issues like understanding who the High Authority Bloggers are and having personal relationships; anticipating risks and knowing who controls those terms on the search engines; tracking YouTube, Twitter, and other sites for signs of consumer or stockholder dissatisfaction or industry unrest; and recommending instant positive intervention. Middle managers need to think differently. Today is a good day to start.

9. Do you have a favorite reputation risk engagement that you are willing to share (regardless of outcome)?

Richard Levick: I often look back to what Hasbro did during the 2007 lead-paint scare because it demonstrates how a crisis can be transformed into opportunity if a company articulates leadership in solving the problems at hand.

While Hasbro did not initiate a single recall during the lead paint crisis, the company recognized that its entire industry was under siege. Inaction could have led to guilt by association in the Court of Public Opinion. More important, remaining on the sidelines could have allowed a significant opportunity to differentiate itself from the competition to slip by.

So, rather than sit back and let the competition take the heat, Hasbro stepped up by implementing a “Total Safety Program” and making the initiative a central element of its traditional and online marketing strategies. As a result, the company became the “gold standard” around which all of its competitors were forced to rally. Though it wasn’t directly impacted by the crisis, Hasbro took action to abate it. As a result, its October 2007 earnings jumped 64 percent from the previous year.

10. Are there any good sources of information you can recommend for learning more about this subject?

Richard Levick: I would point to four such resources maintained by my firm…

Levick Strategic Communications’ Bulletproof Blog™ (…

Our e-newsletter, High Stakes™ (…

Our Crisis Communications Desk Reference (…

And our book, Stop The Presses (

Also, I would encourage your readers to keep an eye out for our next book, on leadership during crisis in the digital age, which will be coming out in early 2010.


I intend on posting some of my thoughts on Richard’s answers in an upcoming post. I hope you found Mr. Levick’s perspective to be as useful and intriguing as I do. Regardless, thank you Richard for participating in this effort; I look forward to continued interactions.


5 Responses to Reputation Risk Q&A – Richard Levick (2 of 2)

  1. […] 2 of Chris’s interview with Richard Levick is up. Reputation Risk Q&A – Richard Levick (2 of 2) << Risktical Ramblings Tags: ( reputation […]

  2. Jack says:

    Very interesting and useful post, Chris, my thanks to you and Mr. Levick. A couple of questions/observations come to mind:

    1) It felt like Mr. Levick contradicted himself a bit — or I misunderstood something (more probably). On the one hand, he said that it wasn’t feasible to measure reputation risk, but then he went on to say that it’s relatively easy to quantify the legal, market share, stock, etc., effects of an event. It seems he differentiates between the “potential cost of loss of reputation” and those quantifiable effects mentioned above. I’d be curious about what he includes in the cost of damaged reputation outside of those effects.

    2) It’s probably so obvious to Mr. Levick that he overlooked mentioning it (or it’s assumed in the context of the discussion), but it’s important to remember that in order for an event to seriously affect an organization’s reputation, the event has to be closely tied to the fundamental value proposition of the organization and/or present significant potential harm to the stakeholders or community. This is an important distinction because the infosec industry has tended to latch onto reputation damage as the FUD stick to beat management with, without understanding the dynamics involved.

    3) Does Mr. Levick believe that the increased speed of today’s communications, combined with the nearly constant bombardment of “newsworthy events” has decreased audience attention span and, thus, to any degree mitigated the potential long-term effects of events?


  3. Chris Hayes says:

    @Jack – Richard Levick provided the following response to your comments on 8/12/2009:

    Thanks for your questions and insights – you make a number of strong points.

    As to your first comment, the point I was trying to make is that in the midst of crisis, a CEO has a number of variables to consider before taking a corrective action – many of which are quantifiable while the most important one is not. If you’re in a data loss situation, the legal team can estimate the cost of increased exposure associated with publically taking full responsibility for the breach. The IR team can estimate the impact on stock price. Compliance can estimate the cost of failure to comply, etc… But how do you generate hard numbers that quantify what loss of credibility and trust does to a company?

    You’re exactly right that legal risk, market share, stock price, and other measurables are inexorably tied to reputation. But so is the value of the brand. The problem is that too many CEOs in crisis see the silos, but not the whole brand. They often don’t see how to overcome all of the quantifiable risk to preserve the unquantifiable one, the brand. As a result, they too often commit the sin of inaction – which is the slow kiss of death in data loss crises or in any situation where trust is on the line.

    For an example of a company that does get it, I’d point to ExxonMobil. Two decades after the Valdez spill, the company still shells out millions of dollars to ensure that their tankers are as spill-proof as possible. The company can’t precisely quantify what another spill would cost – but it understands how another spill would impact public trust. Thus, it makes the necessary investments to protect its reputation. The company sees the additional costs of corrective action as integers in a larger equation.

    As to your second comment, I would simply say that trust is gained inches at a time but lost all at once – and that a crisis some may think has nothing to do with the fundamental value proposition offered by a company always has the potential to change how people view it and its leadership. Did Bill Clinton’s marital indiscretions have anything to do with governing? Most would say no – but they jeopardized his presidency just the same.

    As to your third comment, I would argue that while the increased speed of communication does affect audience attention spans, its impact on how companies must respond to crisis is much more significant. Because audiences are more distracted today, they process information, make decisions, and move on to the next thing in only a matter of minutes. In today’s media environment, if you’re not ready to respond to crisis at the drop of a hat, you cede control of the story to others – and increase the chance that you’ll be tagged as a villain before you’ve even had a chance to respond.

  4. Jack says:

    Thanks Chris (& Richard). Richard’s absolutely right, of course, that it’s impossible to predict precisely how leadership will react in a crisis and, thus, the actual outcome. That said, I’d offer that the point of risk analysis isn’t prediction or precision, it’s to provide management with a reasonable understanding of probable outcomes given specific (stated) assumptions. A good risk analysis can articulate not only the quantitative estimates of reputation-associated losses, but also key variables that are in play (e.g., management responses) and their potential effect. With that information in hand, it seems more likely (but not certain) that management would make better decisions in a crisis.

    As for “brand value”, I guess I’m still a bit at a loss as to how that value is realized (or damaged) if it isn’t in market share, stock price, cost of capital, etc.


  5. […] And third, shorter decision cycles and the threat of fast-moving misinformation mean that trust will become a company’s most valuable asset. Some could correctly argue that the public’s confidence in a company or brand has always been the most critical element of effective business strategy – but today, it’s been elevated to another level. When bad news breaks, trust is what leads customers, investors, analysts, and regulators to say “wait… that’s not the company I know.” It is what provides chances to counter with messages of your own and shape the narrative before opinions are formed and audiences move on to the next thing. […]

%d bloggers like this: