Ah, another day, another marketing misstep in the unfortunate context of crisis communications. Actually, "misstep" is far too lighthearted a term to use for many companies in the age of social communications.
Consider the news headlines devoted to the Sony data breach of 100 million user records. That seemingly never-ending saga was yet another reminder of the increased demand for open, honest, rapid, and ongoing communication in today's networked world. Failure to meet that demand will result in lost brand equity and lost customers.
A crisis can serve as a stage to show the world that your company is either unorganized and uncaring or responsible and human, as noted in what is still considered the best-practices playbook of effective crisis communication—Johnson & Johnson's handling of the Tylenol poisoning of 1982. Clearly, Sony should have taken a page from that playbook.
In this day and age, the chances are pretty good that your company will need some form of crisis communication, particularly in the areas of information security and data loss. Information is the new currency of the 21st century. All your data—from intellectual property, to customer databases, patient records, and even facility blueprints—are extremely valuable. Today, a severe data loss could end up being a going-out-of-business event for many companies.
In that regard, your marketing and communications teams play two important roles.
First, know that Marketing often serves as the Achilles' heel of information security. With the increasing advent of cloud-based marketing automation, your customer data is now sent to third-party companies that may not be as security conscious as you. (Note the recent breaches suffered by major brands due to their marketing vendors' security missteps.)
Also, be aware that your marketing department often handles some of the most sensitive documents in your company—from RFPs to blueprints, and of course, your customer and prospect database. Conversely, the marketing team is often the least likely to be trained in any form of IT security preparedness or processes.
Second, note that in the event of a major data loss (especially if you are a larger organization), powerful interests will come into play and could harm your company more than the breach itself. In a data breach, legal and corporate communications teams will often be at odds with each other.