National security routinely involves life-and-death decisions that must be made under the extreme scrutiny that goes along with doing the people’s business. This is especially true at America’s single largest institution: the Department of Defense. While the Pentagon may be in a class by itself when it comes to organizational complexity and high-stakes decision making, nearly all business leaders can expect to be confronted with crises that may threaten their organization’s reputation and perhaps even its survival. In this article, a former U.S. secretary of defense explains that a high-stakes situation requires more than a communications plan — it also requires a workplace culture where people are encouraged to face problems with integrity, accountability, and tenacity. He describes his checklist of actions for communicating with transparency and taking responsibility during a crisis.
On an early Sunday morning in October 2015, I was flying overseas aboard the U.S. Department of Defense’s specially equipped 747 when the first video images of an attack on a medical clinic in Kunduz, Afghanistan, started airing around the world. The clinic was operated by the international nonprofit Médecins Sans Frontières (MSF, or Doctors Without Borders). And though the evidence was sketchy, some immediately blamed the U.S. for the bombing. MSF quickly denounced the attack as a “grave violation of International Humanitarian Law.”
While my staff had issued an initial statement acknowledging the incident, the press on board my plane began clamoring for me to say something more in my role as secretary of defense. At that point, a few hours into the flight, we still did not have a clear picture beyond what the TV was reporting and the confirmation of our commanders that no other country was operating combat aircraft over Kunduz. Yet under the circumstances, with grisly footage of a hospital in flames being broadcast around the world and multiple deaths being reported, I knew I couldn’t sit in the back of my airplane and not comment. Nor could I risk a serious international backlash to the incident, maybe even a violent uprising in Afghanistan itself, if I failed to acknowledge what had happened. I walked back to the press area on the plane and directly addressed what I described as “clearly a tragic circumstance” in Kunduz and informed reporters that a “full and transparent” investigation was being launched. I further pledged, “There will be accountability as always with these incidents, if that is required.”
I went on to detail actions I was ordering, which amounted to the early steps DOD takes to investigate and address any apparent case of unintended civilian casualties. The statement wasn’t much, but it was a start.
Over time, our investigation showed that the attack, which killed 42 people and injured 37, had been caused by a series of errors by a U.S. gunship crew as well as malfunctioning electronic equipment. President Obama and I personally apologized to the president of MSF, and the U.S. made condolence payments to the families of the victims and contributed $5.7 million to rebuilding the hospital. Sixteen members of the military were disciplined for their contributions to the mistaken attack, and measures were taken to ensure no similar tragedy would recur.
The Kunduz story is the kind of problem only a high-ranking government official will face. National security routinely involves life-and-death decisions that must be made under the extreme scrutiny that goes with doing the people’s business. This is especially true at America’s single largest institution: the Department of Defense. DOD employs around 2.87 million people — that’s more men and women than Amazon, McDonald’s, FedEx, Target, and General Electric combined. It also conducts more research and development than Apple, Google, and Microsoft — again, combined. While that may put the Pentagon in a class by itself when it comes to organizational complexity, nearly all business leaders can expect to be confronted with high-stakes crises that may threaten their organization’s reputation and perhaps even its survival.
Potential business crises can range from the theft of customer data to questions about the engineering of commercial aircraft. In my experience, the best defense isn’t just a communications plan, but also a workplace culture where people are encouraged to face problems with integrity, accountability, and tenacity. That foundation is essential to the credibility of your response to crises. When crises do occur — and they will — you may find the lessons I followed while running the Pentagon useful. Here’s my checklist of actions to take when dealing with a crisis.
Say something: Feed the beast with whatever you know for sure. The “beast” is the natural demand by news media and others for more facts when there is an appearance of danger or wrong. Leaders facing a crisis need to speak and act quickly even when they don’t know all the facts — it’s part of the job. If you stay silent, you leave a void that may be filled by statements from people who may be well-meaning but ill-informed, or, worse, from rivals or adversaries. This had already begun to happen soon after the Kunduz tragedy, when an MSF statement about the crisis used the phrase “war crime.” My own statement said nothing beyond the obvious but came quickly enough to prevent the war crime charge from gaining momentum, which could have led to even greater loss of life if anger had spilled over into riots in Afghanistan or elsewhere. It helped that my initial comments praised MSF and its important work around the world. It also helped that my staff spoke directly with MSF leadership to convey how seriously we were committed to finding out what happened.
While you must say something, stick to the facts you can verify, however scanty they may be. Don’t speculate or offer guesses that may turn out to be incorrect later. That doesn’t mean you can just issue a statement that says, “We don’t know all the facts at this time.” Doing so creates the impression that the problem is out of control, and reporters or employees will turn elsewhere for information that may be speculation. Instead, list the key questions you are investigating — What happened? Who was involved? What causes can be identified? What policies and practices apply to the situation? — and provide any specific, accurate answers that are available at the time.
Do something: Make a list of the most obviously useful immediate actions, and do them. When a crisis hits, your team will be anxious and eager to act. Keeping them waiting for your instructions is a recipe for demoralization, rumor-spreading, and ill-considered actions that may make a bad situation worse. Give them something to do that will prove useful regardless of how the crisis unfolds. This will reinforce their sense of purpose and confidence in your leadership, and provide them with something concrete they can share with others inquiring about the crisis.
Don’t claim things are under control. Promise they will be. Nothing is as harmful to confidence in you as the juxtaposition of an ongoing crisis and smooth reassurance from leadership. You need to show confidence and determination in the future, not satisfaction with the present. Explain the steps you are taking as specifically as possible — the contacts you are establishing, the data you are gathering — and describe the results you intend to achieve in concrete, affirmative terms: “We will be determining precisely what technical or human errors may have led to this incident. If individuals are found to be at fault, we will take disciplinary actions in accordance with long-established procedures. If systems were at fault, we will change them.”
Take full responsibility, privately and publicly. As the organization’s leader, you’re responsible for whatever caused the crisis to erupt in the first place. There are just three possible outcomes: If you personally committed an error in judgment or execution, you’ll need to own up to it. If someone else made the mistake, you’ll need to punish or fire them. And if a system or process you manage was at fault, you’ll need to fix it.
Perhaps the most valuable crisis management resource any organization can have is a robust capability for self-examination and course correction in the days, months, and years after the crisis is resolved. At the DOD, I led an organization with a long tradition of constant learning, “after-action reviews,” and an American commitment to publicly investigating, addressing, and correcting errors that cost lives. That the U.S. military could in fact be counted on to conduct a thorough investigation gave me credibility during the crisis.
If possible, use the crisis as an opportunity for reform. Episodes of dramatic failure can open up opportunities for change. In the aftermath of the Kunduz tragedy, the DOD improved the internal systems whose breakdown led to the erroneous attack. And over time I believe we also strengthened our relationships with organizations like MSF.
In today’s high-pressure news environment, crises may seem to be more frequent and more threatening than ever. The pitfalls are to stonewall, deflect, hedge, or use weasel words. But in war, hairsplitting won’t fly. Nor will it in cases when your brand or business is at stake. By speaking plainly and acting directly, you should be able to emerge with your reputation — and that of your organization — intact, and maybe even improved.