 CLICK TO CALL NOW

Crisis – from the golden hour to the golden minutes


Published on: Jul 1, 2026 by Michael SnyderNo comments

The loss of trust and brand erosion carries a fearsome price—as Boeing and other companies have learned the hard way through major crisis. In the latter half of the 2020s it can be exacted faster than at any point in business history. A single trust-busting organizational crisis, compromised security breach, a mishandled recall, or ex-supporter allegations can travel from obscurity to your customers’ screens before your leadership team finishes its first conference call.

Crisis plans require preparation to seize the Golden Hour
737 Max cockpit – iStock

For executives, the uncomfortable truth is this: the crisis will come. The only variable you fully control is whether you meet it prepared, or whether you make it up and improvise as the crisis unfolds, hoping for the best.

Crisis awaits the unprepared—and the stakes have climbed

Recent headlines make the case more forcefully than any theory could. The woes of Boeing 737 deadly plane crashes and perceived non-functioning space vehicles are well known, as are the Herculean efforts to repair the Boeing brand (including a major brand review launched by Boeing this month). Earlier in March of 2026, and we find that Hasbro—a 103-year-old household brand name—was breached and remained largely offline for weeks, its website unavailable and its ability to serve customers crippled. A century of brand equity did not buy the company a fast recovery; preparation would have.

But wait, there’s more.

The threat landscape has shifted in three ways that every executive should consider:

The IT breach is now almost always a communications crisis. Ransomware operators no longer just lock your files—it’s now a predatory business model. Rogue agents steal your data first, then threaten to leak it, auction it to competitors, file regulatory complaints against you, and contact your customers and reporters directly.

Roughly three-quarters of ransomware intrusions now involve data theft, which means an IT problem becomes a public-trust problem within hours. Verizon’s 2026 Data Breach Investigations Report — the largest dataset in its history, with more than 12,000 confirmed breaches — found ransomware factoring into nearly half of all incidents.

Your weakest link is probably someone else’s network. Third-party involvement was a factor in roughly 30% of breaches this year, roughly double the prior rate. Sysco and Madison Square Garden were both swept into a single Salesforce-linked extortion campaign. McDonald’s exposed tens of millions of job-applicant records through a hiring chatbot reportedly protected by a password as flimsy as “123456.” Your vendors’ vulnerabilities are now your reputation’s vulnerabilities.

Executives under fire? The evidence itself can be fake. Attackers have begun weaponizing AI-generated deepfake audio and video—built from your own earnings calls and conference talks—to fabricate compromising material about executives and extort payment. Even when you know the content is fabricated, disproving it publicly takes time you may not have while it circulates.

What about your company?

A company-threatening crisis affects business continuity, brand, financial strength, and the confidence of every stakeholder—customers, employees, lenders, regulators, and community. And smaller organizations are often more exposed, not less.

Small and mid-sized businesses now account for the majority of all breaches, and when they’re hit, the recovery cost—downtime, forensics, legal fees, and reputational repair — averages well over $1 million. The average total cost of a data breach across all organizations has climbed to roughly $4.4 million, according to IBM‘s most recent analysis. The median ransom is a six-figure demand—and paying it is the smallest line item on the bill.

Despite living through a global pandemic that rewired how businesses operate, an estimated half of all companies still have no crisis communications and business continuity plan—or have one gathering dust, untested and out of date.

The cost of treating this casually

Here is the part too many executives underweight until it’s too late: the response is the crisis. Poor preparation, slow reaction, and evasive messaging routinely do more damage than the triggering event itself.

Consider the contrast. In early 2026, Nestlé recalled hundreds of infant-formula products across dozens of countries after a bacterial toxin was detected. Advocacy groups blistered the company for dragging its heels—and the perception of a slow, defensive response inflicted reputational harm well beyond the product issue.

The lesson crisis professionals keep repeating: a poorly considered response can be worse than no response, and you cannot fix a substantive problem with messaging alone.

Preparation also matters because reputational damage compounds. Organizations with a history of stumbles don’t get the benefit of the doubt—every new incident carries the weight of the last, and the statement has to work twice as hard to be believed.

Worse, your reputation can take a hit even when you did nothing wrong: when a peer in your sector suffers a recall, fraud, or breach, stakeholders instinctively assume others in the same group share the weakness. That “spillover” effect means monitoring and readiness are defensive necessities, not luxuries.

And the ultimate consequence is existential. Some businesses never reopen their doors after a serious attack or scandal. The question the original version of this column posed a few years ago is only sharper now: if a crisis hit ten minutes after you finished reading this, would you still be in business 30 days from now?

The Golden Hour has become the Golden Minutes

Business continuity and recovery time often come down to how you handle the “golden hour”—the moments immediately after a crisis erupts. But in 2026 we find even that window has compressed.

Bad news, real or synthetic, ricochets across social platforms and your key influencers in seconds, and a “small” incident can be amplified into a company-menacing event before you’ve confirmed a single fact. The organizations that survive intact are the ones that can speak—accurately, empathetically, and quickly—inside that shrinking window (and that doesn’t mean you have to have all of the answers instantly, but it does mean that active acknowledgement is key).

What belongs in a 2026-2027 plan

A full plan is detailed, but the essentials haven’t changed as much as the environment around them. As you build or update yours, confirm you have:

  • An honest, confidential threat and vulnerability assessment. What keeps you awake at night? Pressure-test it across management, HR, legal, finance, risk, and—critically now—IT and your third-party vendors.
  • A named core team with defined roles and a confidential contact tree. Who assembles, who speaks, who clears messaging, who monitors sentiment online, who coordinates with regulators. Settle the perennial legal-versus-communications tension in advance: counsel protects against liability, communications protects reputation, and a pre-agreed framework keeps both from freezing at the worst moment.
  • Pre-positioned holding statements for each major scenario, vetted by legal, finance, and HR, so you can acknowledge an emerging situation publicly within the first hours. An honest early statement—”we’re aware, we’re investigating, and we’ll update you regularly”—buys credibility and time.
  • Stakeholder maps built before the fire. Identify customers, employees, partners, lenders, and regulators now.
  • Communication infrastructure you control. Know today who can post to your website and social channels; don’t go hunting for the password during the golden minutes.
  • New-for-2026 additions: a vendor and supply-chain notification protocol, awareness of your regulatory notification clocks (many now measured in hours, not days), coordination with your cyber-insurance carrier, and a rapid deepfake verification and rebuttal process so a fabricated clip doesn’t define the narrative before you respond.
Get started

A comprehensive plan goes well beyond these points—but these will get you moving, and movement is the entire game. Being prepared is the difference between a short-lived, well-handled situation and a company-defining disaster.

The good news is that readiness is achievable without a Fortune 500 budget. It takes the right process, the right partner, and the discipline to treat crisis communications as an ongoing business function rather than a one-time project.

At MEK Group, we help organizations assess their vulnerabilities, build and pressure-test their plans, and lead confidently through the moments that matter most. The best time to prepare was before the crisis.

The second-best time is now.

By Michael Snyder, MEK Group


Please share your thoughts on this post:

Your email address will not be published. Required fields are marked *

Copyright  2026 MEK Group. All rights reserved.   •   Marketing | Engagement | Knowledge   •   Privacy