Part 1 – Protection
If you have ever been the victim of an adverse post or campaign on social media, you will know how devastating this can be to your business. If you have not yet experienced this, you are fortunate. But, how do you know you have not? And what are you doing to protect your business and ensure your brand reputation is not tarnished?
Protecting Your Brand
In this article we cover the following:
- The Team
- Protection Quick Tips
‘Sprout Social’ reports that companies only reply to one in ten social media posts that merit a response (Sprout Social, 2017). The failure to reply to a post can only exacerbate damage to a brand. Remaining silent is a flawed option. If you do not engage matters can very quickly escalate.
Infinity Consulting (IC) recently acted for one business where posts on Twitter led to a fake account being setup accusing the directors of being fraudsters. This caused immense damage to an otherwise well-respected brand. The surprise came when the company approached Twitter who refused to shut down the fake account notwithstanding its libellous content.
The first action to a negative post from a customer is to apologise and to advise you will urgently look to resolve the matter. This should be followed immediately by direct message (DM) to the customer. This shows others you take customer service seriously. After all, 81% of purchasing decisions are influenced by friends’ social media posts (DeGruttola, 2017) and Google suggests 67% of purchasers are influenced by review sites (Hinckley, 2015).
With social media comes great risk. Brand protection is not just limited to irate customers whose tumble dryers catch fire or a doctor being violently evicted from a flight. Perhaps just as bigger risk is that of cybercrime. Kaspersky suggest phishing attacks via social media costs £865m annually with 90% of business surveyed admitting some kind of security breach (Kaspersky Labs, 2015). ZeroFOX believe more than £300m of financial scams are instigated via Instagram (ZeroFOX, 2016).
With social media the consumers have immense power. The word ‘viral’ has taken on a new meaning since the likes of YouTube become part of everyday life.
Scammers have become very adept at imitating brands, often copying whole websites, to obtain financial details.
The types of risks facing brands include:
- Negative comments (conversations demeaning a brand)
- Malicious postings (content designed to embarrass the brand)
- Scammers (stealing bank and credit card information)
- Hacked accounts (posting malicious content from the brand’s account)
- Fake accounts (to steal financial information or damage a brand)
- Cyber theft (hacking accounts to obtain valuable data)
- Malicious employee posts (disgruntled employees posting embarrassing content)
- Innocent employee posts (employees innocently posting contents that breaches compliance rules)
Protecting a brand is not easy; you can never be 100% protected no matter what you do. But simple steps can be highly effective.
The benefits of protection are:
- Mitigation of the actual operational costs of repairing the damage (on average £27.5k for SME’s and £397k for corporates (Kaspersky Labs, 2015).
- Reduction in fines under GDPR (up to €20 million or 4% annual global turnover, whichever is higher (ICO, 2018)).
- Reducing reputational damage
- Improved rankings on review sites
- Avoiding costly compliance violations for regulated brands (for example financial institutions)
- Increase traffic (and sales) to a brand or website
- Being seen to protect consumers
Many businesses make the mistake of just leaving brand protection to the “marketing guys”. This is not good practice. Brand protection should be an institutional matter. Establish a brand protection team which should include, where possible, the following roles:
- Public Relations
- Customer Service
- Compliance, Governance and Risk
- Corporate Security and Fraud
The roles above should communicate in real-time and meet at least monthly.
Naturally, Marketing are the gate keepers for all of the stakeholders. Public Relations should establish crisis plans and lead any public relations issues. Customer Service should monitor reviews, posts and website content and engage in a positive way with consumers. ICT, Corporate Security and Fraud should lead on fraudulent attacks on the brand and customers as well as cyberattacks, malware, data loss and so on. Compliance, Governance and Risk need to lead on posts that cause compliance or regulatory concerns. Finally, engage with your legal team on any risks.
The RAG colour coding above depicts the level of daily activity required from each member of the team. Clearly the frontline stakeholders in the fight for brand protection are Marketing and Customer Service.
The amount of work required from each stakeholder and the size of the team will naturally depend on the size of the business and the number of brands requiring protection. That said, do not imagine that if you have no online presence you can ignore monitoring for brand protection.
Give your team the time and the tools required to enable them to fulfil their roles. There are numerous online platforms that can run and monitor your online presence. These include the monitoring of:
- Return on investment of your online presence
- Analytics on campaigns for your brand
- Social conversations about your brand
- Security threats to your brand
When you have assembled your team of stakeholders, produce a ‘problem statement’ that identifies the task in hand. From there, base all of the actions, processes and goals on the content of the problem statement to ensure the right outcomes are achieved from the start.
Create a list of risks and using a RAG status to prioritise them in terms of severity and frequency (see the example risk matrix below):
Try and list as many possibilities as you can and ensure all stakeholders have input. Once you have your table of risks allocate each one to the relevant stakeholder. Keep updating the table as trends change and review at each monthly meeting.
Establish a set of polices for social media and the brands online presence. This should set out the guidelines for the business on social media usage including ‘do’s and don’ts’, regulatory and compliance requirements, content and so on.
Alongside the policies, produce a process flow of what actions need to be taken on each risk should an incident occur. For ease of use, utilise flow charts for process flows.
Once you have established your team, online tools, risk matrix, your policies and process flows, train your team to ensure they are fully conversant with the Brand Protection Programme (BPP).
Once you have launched your BPP make sure it retains momentum. Ensure:
- You hold monthly meetings
- Evaluate analytics
- Review incidences, action taken and results
- Look for areas to improve
- Disseminate your findings across business
Speed of response to an incident is paramount. Posts, in whatever form, can go viral in a matter of hours. Your actions must be swift and decisive. If you need to have material removed from a social media platform ensure you contact the right department and, if possible, utilise the legal team to add weight. Follow up removal requests as most social media platforms are dilatory on this subject and will often quote freedom of speech etc. Make sure your removal requests heads off these types of argument if the posts are offensive, untrue or fraudulent.
Adopt a Kaizen approach to your BPP with your team to ensure you get better and better at brand protection.
Remember, there are 2.1m negative posts per day in the US alone (Rogers, 2015). Social media is fast becoming the preferred model of scammers. By 2021 cybercrime is said to cost $6tn annually (Morgan, 2017). FireEye found 36% of respondents said their perception of a brand reduced after a security breach (Callahan, 2015).
Protection Quick Tips
- Use single sign-on on your corporate network
- Enable two factor authentication
- Get accounts verified by the social media platform
- Shut down masquerading accounts
- Monitor keywords and hashtags
- Utilise an online logo detection tool
- Monitor @mentions
- Monitor your detractors and competitors
- Respond to your consumers negative and positive comments
Callahan, M. (2015, March 1). Big Brother 2.0: 160,000 Facebook pages are hacked a day. Retrieved from New York Post: https://nypost.com/2015/03/01/big-brother-2-0-160000-facebook-pages-are-hacked-a-day/
DeGruttola, M. (2017, April 1). 12 Stats That Prove Social Content Influences Consumer Buying Behavior. Retrieved from Stackla: https://stackla.com/blog/12-stats-prove-social-content-influences-consumer-buying-behavior/
Hinckley, D. (2015, September 2). New Study: Data Reveals 67% of Consumers are Influenced by Online Reviews. Retrieved from Moz: https://moz.com/blog/new-data-reveals-67-of-consumers-are-influenced-by-online-reviews
ICO. (2018, March 8). ico. Retrieved from Guide to the General Data Protection Regulation (GDPR) : https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/
Kaspersky Labs. (2015). DAMAGE CONTROL: THE COST OF SECURITY BREACHES IT SECURITY RISKS SPECIAL REPORT SERIES . Retrieved from Kaspersky: https://media.kaspersky.com/pdf/it-risks-survey-report-cost-of-security-breaches.pdf
Morgan, S. (2017, October 16). Cybercrime Report. Retrieved from Cybersecurity Ventures: https://cybersecurityventures.com/hackerpocalypse-cybercrime-report-2016/
Rogers, S. (2015, December 16). Digital Pitchforks. Retrieved from Venturebeat: http://insight.venturebeat.com/report/digital-pitchforks-turning-social-media-complaints-brand-wins
Sprout Social. (2017). Call-out Culture: People, Brands & the Social Media Power Struggle. Retrieved from https://sproutsocial.com/insights/data/q3-2017/
ZeroFOX. (2016, August 24). ZeroFOX Research Team Publishes Exclusive Research on Instagram Scam Epidemic. Retrieved from ZeroFOX: https://www.zerofox.com/blog/zerofox-research-publishes-instagram-scam-whitepaper/