When crisis planning requires scope enough to incorporate pandemics, global conflicts and cyber-attacks, organisations must re-think how important information is shared across departments.

For all the enthusiasm in abundance at the International Association for Measurement and Evaluation of Communication’s (AMEC) annual summit held in Bulgaria this year, those who took to the stage didn’t mince their words when describing the global context in which businesses operate today. Following the Covid-19 pandemic and Russia’s invasion of Ukraine, Kosta Petrov, founder of PR events company P World, quipped that AMEC attendees ought to add "alien invasion" to their lists of crises to plan for. 

As conference attendees milled politely in and out of the event's designated rooms at Sofia's Grand Hotel Millenium, the only sense of any crisis percolating was on Wednesday morning, when limited coffee supplies resulted in snaking queues and the disgruntled tutting of those possibly still recovering from a long-haul flight. Petrov's talk proved sufficient enough to jolt everyone awake, however, as he continued solemnly: “There are over 50 high-stakes elections taking place worldwide this year, and far-right groups are only becoming more popular. Our societies have never been more polarised.

“We live in an age of ‘permacrisis’.”

Despite excitement around the development of new tools to assist in media measurement strategies, the growing threat of cyber-attacks, emphasised across the two-day event, couldn't be ignored. “Working in communications and PR, we need to keep our eyes open – a crisis can happen at any moment,” Petrov said, adding that cyber threats were what concerned his clients most. “Many are worried, but still don’t have cyber-attacks in their crisis plans.”

For many time-precious businesses, especially those with limited resources, there simply isn’t the incentive to prepare ahead for a crisis when compared with the more immediate and pressing tasks that an organisation handles day-to-day. This is especially concerning, Petrov explained, considering the ease with which a cyber-attack can occur: “Most happen because one employee clicks on a link.”

The consequences of a cyber-attack for an organisation can include the theft of money or data, or damage to reputation. In a panel discussion on artificial intelligence, Julia Petryk, co-founder of Ukrainian PR Army, warned that the technology can be invaluable to malign actors wanting to share disinformation. “Russia was exemplary in its effort to share false information about Ukraine years ahead of its attack.”

When questioned on the level of data literacy required to understand the threat posed when AI is in the wrong hands, the panel was ambivalent. “Even very well-educated reporters can fall for it,” Petryk responded.

The most effective way to protect yourself and your organisation from cyber-attacks or clicking on dodgy links is through building awareness, claimed panellist Christina Rettig, head of strategic marketing and communication at Schott AG. “Typically, the communications department is the last to be informed about, or advised on, technological developments in an organisation.”

While this means that communications professionals have a little longer to play about with new tools, it is also the department responsible for informing people and building awareness. “Typically, IT and communications departments are not close at all – we need to build this coalition.”