The Noggin Blog

Developing a Crisis Management Plan for the Holidays

Posted by The Brain on Dec 6, 2018 4:33:49 AM


For retailers, the holiday season means big bucks. Last year's, the most robust in a decade, saw sales top $690 billion in the U.S. alone. Add in European sales, and that figure jumps up to one trillion dollars.

Those sums are staggering. Still, they don't fully capture the vital importance of November and December sales to the industry as a whole. What percentage of annual sales do those two holiday months actually represent? Well, according to the National Retail Federation, holiday sales can account for as much as 30 percent of annual sales.

Holiday Retail@2x

But therein lies the rub – or rather the risk. With holiday sales representing such a disproportionate amount of total yearly sales, retailers had better avoid disruptive corporate crises like the plague. And if they can't, which is often the case, retailers need to develop a corporate crisis management plan tailor-made for the holiday season.

Just ask Target. At the height of 2013 holiday season, the mega retailer announced a major hack: cyber criminals had stolen the payment card information of more than 110 million customers. Consumer blowback was swift. Profits were halved. Revenue fell. And Target would go onto incur over $60 million in hack-related expenses.

The reputational effects persisted beyond the initial blow. In-store foot traffic remained soft throughout 2014, so much so that onlookers suggested that that year's holiday season gift card discount – otherwise known as giving away free money – was meant to revive disappointing foot traffic.

Of course, more retailers won't have the financial cushion or the market share to weather a holiday season crisis like Target. For those organizations, it's imperative to think ahead and refine crisis management planning efforts for the high-volume sales period.

Again, the 2013 holiday hack is intrusive. As former Target CEO, Gregg Steinhafel learned (much to his chagrin), corporate crisis management isn't just about preventing disasters, it's also about managing crisis response after disaster strikes.

More often than not, that crisis response happens out in public. But with the eyes of the media upon it, Target crisis communication experts argue, looked unprepared and unreliable.

For one, Target eventually had to walk back initial statements about the number of customers whose information had been hacked. Also, when Target published an important CEO statement, the retailer put the communication out on its corporate website but not on its social media channels where the bulk of the consumer response was taking place. Target ultimately had to reissue the statement .

These crisis communication faux-pas ultimately cost Steinhafel his job. But they're pretty avoidable if organizations manage to get their crisis management house in order before a major holiday season.

How to do it? First, It's vitally important to understand the biggest risk factor. And none is bigger than the date breach threat, seriously disruptive at any time of the year but potentially cataclysmic during the high-sales holiday season.

In fact, in the last few years, retail had zoomed by the finance, insurance, and hospitality industries as the most vulnerable sector to data breaches. Another risk factor for global retailers holding the personal information of EU citizens on their platforms: this will be the first holiday season during which General Data Protection Regulation (GDPR) rules apply.

The lesson there: read up fully on the statutes if you haven't yet. For instance, under the terms of the regulations, businesses, whether operating in the European Union or offering goods or services to EU customers, are now obligated to protect the personal data they gather. Penalty for non-compliance, even for non-European companies, if that data gets misused are some of the steepest lines in the world, totaling up to four percent of an organization's annual global turnover or 20 million euros. Talk about a holiday horror story.

Additionally, companies who already have a data breach plan aren't in the clear yet. They'll still need to keep a few things in mind. Specifically, when selecting a crisis team and divvying roles and responsibilities, those organizations will need to plan for an upsurge in employee absences by choosing appropriate backups to ensure around-the-clock coverage during the holiday season.

Finally, on the crisis communication front, remember that speed, accuracy, consistency – what we call SAC – matter more than ever during the holiday season, when the news cycle is usually light. To react with maximum SAC, make sure to revisit your stakeholder analysis, and think about how you’ll contact each stakeholder group during the holiday season. The public, in particular, will need updates on your website, social channels, and on traditional news media. Need help getting your crisis management holiday plan off the ground? Download our Introductory Guide to Crisis Management Planning.


Download Now



The Washington Post: The numbers are in: Retailers had the best holiday season in years
National Retail Federation: Winter Holiday FAQ’s
Los Angeles Times: Data theft at Target hurt sales, earnings during holidays
CNN: Target is giving away money to get you to shop
Beta News: Retail sector leads in data breaches as criminals target corporate networks
CNBC: Everything you need to know about a new EU data law that could shake up big US tech


For more content like what you just read, follow @teamnoggin on Twitter and to stay up to date up-to-date with crisis management best practices and tips & tricks, subscribe to our Noggin Crisis Newsletter.

Topics: Crisis Management, Noggin Crisis, Crisis Plans, Crisis Planning

Meet Noggin: all-hazards enterprise resilience software.

Thanks for stopping by!

The Noggin software suite provides flexible information management solutions capable of managing all hazards across a wide range of industries, from the smallest complaint to a multi-national emergency. We help organizations handle all hazards, all media, all devices, all processes - in one suite of software products. Organizations across the world rely on Noggin to help them manage disruptive events more effectively and protect the bottom line for their communities and businesses.

Want to learn more? Get in touch:


Subscribe to Email Updates

Recent Posts