Crisis Communication Plan: Response to Informational Hack of Google Users’ Private Data
Prepared by: Jessica Steele November 23rd, 2015
Plan Test Date: December 30th, 2015
Table of Contents
Message from our CEO……………………………………………………..……….
Acknowledgements…………………………………………………………...……..
Purposes & Objectives………………………………………………………………..
Key Publics……………………………………………………………………………...
Crisis Communications Team………………………………………………………..
Media Spokesperson…………………………………………………………………..
Potential Questions……………………………………………………………...……..
Experts………………………………………………………………………………….…
Emergency Personnel………………………………………………………......
Crisis Control Room Equipment & Supplies………………………………………...
Crisis Control Room Setup………………………………………………………….….
Key Messages………………………………………………………………..…………..
Dissemination of Key Messages……………………………………………..……….
Pre-Information & News Release…………………………………………………….
Evaluation…………………………………………………………………….…………..
Closing Statement………………………………………………………………………
A Message from our CEO
The crisis of an informational hack on Google is essential to address, because it has happened to countless other global information companies and networks. The severity of such hacks range from breaches of shoppers’/users’ personal information such as name, telephone number, physical address, and other demographics into more severe informational hacks, including usernames, passwords, credit card/payment information, and financial pins.
This plan allows Google – one of the globe’s largest information networks, containing over 1.17 billion users worldwide – to prepare and responsibly address a potential informational leak/hack on Google’s users’ personal information. If not followed, we can potentially fall in the same mistakes as many companies before, whom failed to recognize, address, and act upon the ample warning signs and prodromes leading up to the hacks.
For example, when Target shoppers’ payment information was hacked, all warning signs were ignored. Target’s anti-hack security system detected the hack on December 2nd, 2013, but it is said that they failed to act upon this warning until federal investigators warned Target of the breach on December 12th. As a result, an estimated 40 million credit card numbers and 70 million addresses, phone numbers, and other pieces of shoppers’ personal information was accessed and rerouted nationally and internationally to hackers in Russia. Target ended up spending $61 million through February 1st, 2014 responding to the breach, and they responded to over 90 lawsuits filed against them by banks and customers for negligence and compensatory damages. Its holiday shopping profit fell by 46% from the year prior.
Such a situation has also happened to similar entities like EBay, whose users’ private information was also hacked in May of 2014. In order for Google to not fall into the same trap of thinking ourselves to be immune to any such hack, we are taking extreme measures to counteract any premeditative cyber threats. Being a globally renowned business, Google receives cyber hacking threats daily, but our Information, Software, and Global Security Engineers all work nonstop to protect against such hacks.
In mid-December of 2009, Google detected a highly sophisticated attack on their corporate infrastructure originating from China. This attack was not solely on Google, but also on approximately twenty other companies. We released a statement saying that they have “evidence to suggest that a primary goal of the attackers was accessing the Gmail accounts of Chinese human rights activists,” but that goal was not achieved. Thanks to our incredibly rapid response and the diligent work of our specialists, only two Gmail accounts were reported as having been accessed, and the contents of the emails themselves were not accessed. It had the potential to be much worse, but our quick action mitigated the situation.
I not only applaud our incredible response at that time of crisis, but I confidently write that I know our team can make it through any other crisis or hacking attempt. Our shared values and missions bring our employees together and provide the fortitude of resilience. I ask that each member of the Google family read and become familiar with this crisis communication plan. In this way, every employee will be amply prepared to act and react appropriately in the event of any such crisis. Thank you for taking the time to read this message, and thank you for your outstanding commitment to Google’s high standards of being the leading internet browser and platform throughout the globe.
Sincerely,
Sundar Pinchai
Sundar Pichai Chief Executive Officer
Acknowledgement Page
By signing this statement, I verify that I have read this plan and am prepared to put it into effect.
EXECUTIVE MANAGEMENT:
President and CEO ______Sundar Pichai Signature Date
Vice President and CFO ______Ruth Porat Signature Date
Google’s Media Outreach ______and Communication Signature Date Spokesperson Daniel Seiberg
BOARD OF DIRECTORS:
President of Alphabet ______and one of Google’s Signature Date founders Sergey Brin
Executive Chairman ______of Alphabet Signature Date Eric E. Schmidt
Purpose & Objectives
PURPOSE
In the event of an informational hack of Google users’ personal information, usernames, passwords, credit card information, online purchasing history, search history, emails, documents, etc., it is our responsibility as Google to immediately inform our customers. We will address this issue with openness, honesty and transparency. This will ensure that all media sources are directly informed by us, rather than relying on rumors or non-credible information. At Google, we value the trust of our customers above all else, and will so everything possible to express ourselves as the caring, trustworthy company we are. This crisis communication plan is aimed at maintaining all publics and stakeholders updated and informed throughout the duration of the entire crisis, and will hopefully maintain Google’s positive reputation and standards.
OBJECTIVES
This guidance offers direction for the content and dissemination of corporate messages in the event of a security hack/crisis. The following objectives will help Google achieve our goal of clear, concise, effective, informative, accurate communication to our publics throughout the duration of the crisis. This plan is to be executed under suspicion of a hack, as precautionary measures are safer than waiting to receive full confirmation of a hack. Please note that precision and speed are of inexplicable importance to preserving the image of Google in the eyes of our consumers. Being the globe’s most widely used internet browser and a world-leader in apps and software, it is critical for us to move as rapidly as possible throughout these objectives; hence, the stringent time expectations.
v Notification of Google’s Information, Software, and Global Security Engineers within 15 minutes of notice or awareness of the incident (referred to as zero hour). v Assembly and technical tracking of hacker and recovery of Google users’ information per Google’s security team within 30 minutes of zero hour.
v Notification of executive management staff and board of directors within one hour of zero hour. v Assembly and briefing of crisis communication team and assembly of crisis communication room, with all equipment and supplies within 1.5 hours of zero hour. v Notification of all internal stakeholders/key publics within 2 hours of zero hour. v Release of pre-prepared news release to all major and reliable news/media outlets within 2.5 hours of zero hour, also extending notification to external publics. v Press conference with CEO followed by Q&A with panel of experts held within 3 hours of zero hour. v Maintain live updates of the crisis as it develops throughout the remaining duration of the crisis, beginning at zero hour.
Key Publics
INTERNAL
In the event of a crisis, Google’s internal key publics will all be notified within 2 hours of zero hour. Being that the information of almost one billion Google users is at stake, it is critical for Google to move quickly and address the crisis with agility and transparency. Google will remain transparent and honest with its internal key publics at all times, so all are on the same page throughout the duration of the crisis and its aftermath.
BOARD OF DIRECTORS:
Sergey Brin President & CEO of 234-555-6547 [email protected] Alphabet Eric E. Schmidt Executive Chairman 234-555-7890 [email protected] of Alphabet
EXECUTIVE MANAGEMENT:
Sundar Pichai President and CEO 234-456-7778 [email protected] of Google Ruth Porat Vice President and 234-789-6554 [email protected] CFO of Google Daniel Seiberg Google’s Media 234-567-3311 [email protected] Outreach Specialist
In addition to these critical members, we also seek to address/inform the following members of our Google family within 2 hours of zero hour:
v All Google Staff v All Alphabet Staff v All Google Shareholders v All Google Investors
EXTERNAL
In the event of a crisis, Google will notify all of it’s external key publics within 2.5 hours of zero hour. Google will remain transparent and honest with its external key publics at all times, so that faith and confidence in Google is preserved.
The Media: Google will release a mass media statement, announcing the factual details of the informational hack. Google will be the first to leak the information to the public in a factual, honest way. This communication will be done through Google’s media outreach team, led by Daniel Seiberg. Google’s CEO, Sundar Pichai, will also release a brief statement on the state of affairs. Google will post web updates on all its social and digital sites/media as the crisis progresses. Please see the news release provided in this plan.
James Pearson CNN News 455-789-0032 [email protected]
Sasha Alvarga Fox News 321-555-3422 [email protected]
Crystal Deleya NBC News 787-945-6789 [email protected]
Ashley Mann The New York Times 907-334-9001 [email protected]
Consumers: Google will open all hotlines and forms of telephone communication to consumers who may wish to call for updates on the state of Google’s informational hack. Google staff members and human resources will work diligently throughout the duration of the crisis so that all Google consumers feel their concerns are being addressed and their needs met as rapidly as possible.
The U.S. government: Google will notify the U.S. government and cybersecurity of the informational hack. Google will disclose the hackers’ location and as much information as possible to the FBI and governmental institutions handling potential terrorism and cyber terrorism
threats. This will be essential in determining the global breadth and implication of the hacker’s outreach.
U.S. Department of Homeland 100-234-5888 [email protected] Security U.S. Cybersecurity Center 100-445-5890 [email protected]
Industry members and competitors: Google will address its competitors, issuing out a warning and inviting anyone who may be experiencing similar problems to speak up and work towards a solution.
Mozilla Firefox Headquarters 889-234-5556 [email protected]
Yahoo Headquarters 788-004-3456 [email protected]
Internet Explorer Headquarters 220-345-8900 [email protected]
Crisis Team
Sundar Pichai President and CEO 234-456-7778 [email protected] of Google Ruth Porat Vice President and 234-789-6554 [email protected] CFO of Google Daniel Seiberg Google’s Media 234-567-3311 [email protected] Outreach Specialist Sergey Brin President & CEO of 234-555-6547 [email protected] Alphabet Eric E. Schmidt Executive Chairman 234-555-7890 [email protected] of Alphabet Selena Tenner U.S. Department of 100-234-5888 [email protected] Homeland Security Brendon Saul U.S. Cybersecurity 100-445-5890 [email protected] Center Alissandra Cortez Google’s Legal 786-343-9972 [email protected] Entity
Media Spokesperson
The primary spokesperson for Google during the duration of this crisis will be Daniel Seiberg, Google’s global head of media outreach and the leader of Google News Lab. His contact information is found below. Although Mr. Seiberg is well-versed in public relations, please take the time to review the following interview tips and prompt questions with him prior to our initial public news release.
CONTACT INFORMATION
Daniel Seiberg Media Outreach & Communication Specialist Office: 234-567-3311 Mobile: 954-555-6899 Email: [email protected]
Interview Tips:
v Always be clear, concise, and honest. v Transparency is key – attempting to hide critical information from stakeholders, the media, and the public has the potential to jeopardize Google’s reputation and lose the trust of our consumers. v If not sure of an answer, be honest. Tell the media you will provide the answer as soon as it is known to you. v Do not provide false reassurance. v Tell the public we will keep them updates and informed as we receive minute-by-minute updates of the crisis. State that all our call-centers are currently responding to any questions relating to this informational hack, and our website informational page is being updated with live updates. v Do not discuss key details of the investigation unless explicitly cleared to do so. U.S. government involvement and the safety of out global internet may rely on your discretion in not sharing confidential, potentially threatening/dangerous information with the public.
Trick Questions:
v Did a Google employee leak confidential data to cyberterrorists? “Unfortunately at this time, I am not at liberty to discuss the details of the undergoing investigation with respect to who triggered this informational leak. I do know, however, that Google’s top hackers, programmers, and technicians are working diligently with the U.S. government to identify the source of this hack, the breadth of the information obtained, and to determine how this will impact our global community. As of right now, we are the only large entity to have been attacked by these hackers, but we will provide updates if any of our competitors release information as well.”
v What if this crisis was caused by a spy or a Google employee working undercover for a cyberterrorism organization? How can the public trust Google again?
“Being that we are currently unsure of the exact source/cause of this hack, I cannot specifically say whether a Google employee was involved or not. That being noted, Google is a globally renowned company whose top priority is excellence and dedication to growing with and for our customers. All our employees are hired not only based on their technical skills/areas of expertise, but also on how their values align with ours. In the unlikely even that a Google employee was working undercover or assisted in hacking our informational systems, that person will be tracked, removed and charged with the appropriate sentence per their actions, and Google will deepen and reform our employee hiring process in order to prevent future incidences like this from happening again.”
v How do you know that you have the world’s top hackers and programmers on your team? What if there is someone better out there working against the greater good?
“At Google, we take pride in the amazing talents of all our employees; that is why we hired them. We actively seek out globally renowned hackers, computer experts, and programmers from around the world and invite them to delve into career opportunities with us. So is there someone ‘better’ out there? Maybe. But we make it our business to know and hire the globe’s best of the best.”
v What are the implications of this cyberterrorist act on global internet usage and confidential information? “With the limited information I have at the moment, I unfortunately cannot say that the implications of this cyberterrorist act are on global internet usage and confidential information. However, I know that a cyber threat of this proportion will absolutely set the precedent for all institutions like ours from this point on.”
v Should consumers stray farther and farther away from the internet, in case something like this happens again?
“Consumers need not stray farther from the internet out of fear. Google and others will work even more diligently from this point to secure our customers’ information and protect against hackers. Our global future is riding upon the internet, and Google strives to make such technology easily available to all people.”
Experts Who Could Speak to This Crisis
In the unlikely event of a crisis, the following experts should be contacted in order to provide a holistic perspective from within Google as well as third- party/outside expertise on the nature of hacking crises:
INTERNAL EXPERTS:
Sundar Pichai President and CEO 234-456-7778 [email protected] of Google Parisa Tabriz Google’s Security 234-667-5460 [email protected] Princess & Lead Hacker John McClena Google’s Head 234-009-3456 [email protected] Software Technician
EXTERNAL EXPERTS:
U.S. Department of Homeland 100-234-5888 [email protected] Security U.S. Cybersecurity Center 100-445-5890 [email protected] James Stennal: Global Hack-A-Thon 561-988-0045 [email protected] Champion from 2011-2015 Perry McClelan: Renowned Hacking 904-789-3342 whatdoeshackingmean@ expert working against cyberterror gmail.com
Emergency Personnel to be Contacted
In the incredibly unlikely event of a hack on Google’s information systems, please contact the following emergency personnel as soon as the crisis is suspected. Note that confirmation of the validity of the crisis is not necessary prior to executing crisis control and communication.
Larry Page Chief Executive Officer of Alphabet Office: 234-555-4800 Mobile: 577-843-3300 Email: [email protected]
Sergey Brin President of Alphabet Office: 234-889-0443 Mobile: 954-388-0499 Email: [email protected]
Daniel Seiberg Media Outreach & Communication Specialist Office: 234-567-3311 Mobile: 954-555-6899 Email: [email protected]
U.S. Department of Homeland Security 1220 SE James Blvd. Virginia, USA, 33495 Office: 688-399-3490 Email: [email protected]
U.S. Cybersecurity Center 4567 NW 13th Terrace Washington, USA, 47789 Office: 100-234-4999 Email: [email protected]
Equipment & Supplies for Crisis Control Room
Equipment: v Land line telephones for every crisis response personnel v Televisions with cable/satellite v Television remotes and batteries v Computers and desk space for every crisis staffer v Printers/scanners & fax machines v Tables and chairs v Microwave v Refrigerator v Charging stations v Power strips v Extension cords v Projector screens and projectors v Video cameras and tripods
Supplies: v Paper/large notepads v Varied writing utensils – pens, pencils, highlighters v Post-it notepads v Staplers and staple refills v Coffee and filters v Dairy and non-dairy creamers v Varied sweeteners v Filtered water and cups v Assorted snacks
Room Set-Up:
With this setup, all crisis response personnel will have the comfort of their own desk space, computer, telephone, and power strip outlet while also being within the proximity of their coworkers. This room setup is vital for boosting the morale of all employees, as they will have the support of others around them in this non- isolating table structure. Additionally, it will be very convenient for Google’s CEO or Media Spokesperson to provide in-time updates to all crisis response personnel at once.
Development of Key Messages
We would like to keep the following key messages at the forefront of our crisis communication plan. These messages are aimed to assuage and mitigate any worries and stresses our consumers may feel in response to an informational hack. At Google, we value the trust of our customers above all else, and will so everything possible to express ourselves as the caring, trustworthy company we are. We will address this issue and convey the following messages with openness, honesty and transparency.
1) At Google, our customers’ wellbeing comes first. We understand the amount of trust and reliability we need to have in order to earn and maintain our customers’ loyalty, therefore we strive to excel expectations every day.
2) Google has never experienced a hack of this magnitude since its foundation in 1998, and we assure our customers that any future attempts will be thwarted even more strongly than before.
3) Our globally renowned computer and software specialists are working relentlessly to uncover the cause and culprit of Google’s informational hack.
4) We will maintain transparent and reliable communication with our customers throughout the duration of this crisis. All our call-centers are currently responding to any questions relating to this informational hack, and our website informational page is being updated with live updates.
Dissemination of Key Messages
We will use the following means of disseminating the key messages during our crisis resolution, in order to reach all our publics as rapidly and effectively as possible:
To those actively seeking more information:
These consumers are most likely Google stakeholders and persons/companies directly impacted or whose information was compromised by the hack. We expect that they will be awaiting live updates, reliable and honest information, active solutions, and transparency, all of which will be provided through the following:
v Website/Google media blog live updates v Any and all social media outlets Google is present on v Release of press conference videos
To those who are not actively seeking information:
These consumers are the general public who may not be Google users or who may not yet be aware of the crisis and the ways it may impact them. We will seek to reach out to these publics via the following mediums:
v Press releases to various media outlets v Press conferences held to reach internet users/consumers v Having our crisis call center open and available for all questions/concerns
Pre-Information
Google’s Values - We strive for excellence and always put our customers first, as per the following ten values we know to be true (available on our company’s page):
v Focus on the user and all else will follow. v It’s best to do one thing really, really well. v Fast is better than slow. v Democracy on the web works. v You don’t need to be at your desk to need an answer. v You can make money without doing evil. v There’s always more information out there. v The need for information crosses all borders. v You can be serious without a suit. v Great just isn’t good enough.
Google’s Code of Conduct – Our expectations for excellence are incredibly high, because at Google we understand the importance of high-speed, reliable internet service and applications which you can trust. We hold our employees to the highest standards, and strive to make sure their goals and values align with ours. Our customers always come first, and we work every day to make Google users’ lives easy and seamless.
News Release:
FOR IMMEDIATE RELEASE Date: ______
Contact: ______Phone: ______Email: ______
Private information of almost one billion Google users gets hacked
Critical information ranging from passwords and usernames to credit card data was hacked from Google’s databases (today/this morning/this afternoon/this evening/tonight) ______. The hackers remain unknown, but Google’s top computer engineers, programmers, software developers and hackers are working diligently to identify the source of the hack. “We will not stop searching until we find those responsible for this informational violation,” Google CEO Sundar Pichai said. “Google – and the entire world, for that matter – has never seen a hack of this proportion, but we are working overtime to produce results for our consumers and to get to the bottom of this.” Google, with almost one billion global users, was severely impacted by this hacking incident. Leading all efforts to uncover the hackers’ identification and location is Google’s Security Princess, Parisa Tabriz. She heads a team of 27 Google engineers who build and protect Chrome, the world’s most used web browser. “With every passing minute, we are closer to finding the hackers and restoring all lost data,” Tabriz said. “The sooner we find the hackers, the less damage they will have done with our users’ private information.” Google immediately notified press, consumers, stakeholders and even the United States government of the hack. Google is assuring the public of its transparency and honesty in the midst of decoding the hack. They promise to give live updates to all consumers via their website and Google blog, updated press releases and news conferences.
###
Evaluation Techniques
1) Media Relations: a. Did the media effectively and diligently convey the information we provided? i. If not, which media outlets were difficult to work with? ii. Which media outlets were the easiest to work with/the most responsive? b. Were our media “trick questions” adequate preparation for any skewed questions the media asked? c. Did the media end the crisis with positive messages about Google? d. Was there any impact on Google’s relationship with varying media outlets as a result of this crisis? e. How did Google’s media spokesperson perform under pressure?
2) Public/Community Relations: a. Does the public trust Google with its browsing/data/informational/internet needs? i. If not, based on data collected via phone, email and internet surveys, what is the primary factor hindering consumers from trusting Google again? ii. How can we at Google work to mitigate this issue? b. How can we promote positive messages about Google? c. Was our communication with consumers positive, informative, and effective? d. Did our crisis call centers, live website updates, press conference releases, and blog posts assuage the public’s worries? Did we do our job of effectively communicating? i. If not, what can we do to improve?
3) Crisis Management Team: a. Did we comply fully with the crisis communication plan, as we agreed to and signed? i. If not, what aspects did we forget, miss, or disregard? ii. Why did we fail to address these aspects? b. Did all team members perform their tasks diligently and adequately? i. If so, can these same members be relied on in future crises or as part of other crisis management teams? ii. If not, who failed to meet our standards? How can we address these individuals to let them know the areas they failed to excel in?
a) Should we consider removing these individuals from future crisis management teams? c. Were there any items not listed in the crisis communication plan that should have been included? Was anything left out or overlooked which we can add to future crisis plans?
Closing Statement
At Google, our mission is to connect global users in a way that was never before possible. Our consumers have always been and will always be our top priority, and therefore this crisis communication plan is being provided in order to properly and transparently relay information to the public. Our effectiveness as an entity is determined by our users’ trust and loyalty, and we do not want to jeopardize that in the wake of any hack or informational leak. We know that our employees share our dedication to excellent customer and product service, and together we can work to effectively mitigate any public anger, misunderstandings, or negative feelings in the event of a crisis. We at Google appreciate your cooperation in following the guidelines of this crisis communication plan, and I would like to personally thank you for taking the time and care to read this plan.
Sincerely,
Sundar Pinchai
Sundar Pichai Chief Executive Officer