Crisis Communication Plan:

Response to Informational Hack of Google

Users’ Private Data

Prepared by: Jessica Steele

November 23rd, 2015

Plan Test Date: December 30th, 2015

 Table of Contents

Message from our CEO……………………………………………………..……….

Acknowledgements…………………………………………………………...……..

Purposes & Objectives………………………………………………………………..

Key Publics……………………………………………………………………………...

Crisis Communications Team………………………………………………………..

Media Spokesperson…………………………………………………………………..

Potential Questions……………………………………………………………...……..

Experts………………………………………………………………………………….…

Emergency Personnel………………………………………………………...............

Crisis Control Room Equipment & Supplies………………………………………...

Crisis Control Room Setup………………………………………………………….….

Key Messages………………………………………………………………..…………..

Dissemination of Key Messages……………………………………………..……….

Pre-Information & News Release…………………………………………………….

Evaluation…………………………………………………………………….…………..

Closing Statement………………………………………………………………………
 A Message from our CEO

The crisis of an informational hack on

Google is essential to address, because it has
happened to countless other global information
companies and networks. The severity of such
hacks range from breaches of shoppers’/users’
personal information such as name, telephone
number, physical address, and other
demographics into more severe informational
hacks, including usernames, passwords, credit
card/payment information, and financial pins.

This plan allows Google – one of the globe’s largest information networks,
containing over 1.17 billion users worldwide – to prepare and responsibly address
a potential informational leak/hack on Google’s users’ personal information. If
not followed, we can potentially fall in the same mistakes as many companies
before, whom failed to recognize, address, and act upon the ample warning
signs and prodromes leading up to the hacks.

For example, when Target shoppers’ payment information was hacked, all
warning signs were ignored. Target’s anti-hack security system detected the
hack on December 2nd, 2013, but it is said that they failed to act upon this
warning until federal investigators warned Target of the breach on December
12th. As a result, an estimated 40 million credit card numbers and 70 million
addresses, phone numbers, and other pieces of shoppers’ personal information
was accessed and rerouted nationally and internationally to hackers in Russia.
Target ended up spending $61 million through February 1st, 2014 responding to
the breach, and they responded to over 90 lawsuits filed against them by banks
and customers for negligence and compensatory damages. Its holiday
shopping profit fell by 46% from the year prior.

Such a situation has also happened to similar entities like EBay, whose
users’ private information was also hacked in May of 2014. In order for Google to
not fall into the same trap of thinking ourselves to be immune to any such hack,
we are taking extreme measures to counteract any premeditative cyber
threats. Being a globally renowned business, Google receives cyber hacking
threats daily, but our Information, Software, and Global Security Engineers all
work nonstop to protect against such hacks.
 In mid-December of 2009, Google detected a highly sophisticated attack
on their corporate infrastructure originating from China. This attack was not
solely on Google, but also on approximately twenty other companies. We
released a statement saying that they have “evidence to suggest that a primary
goal of the attackers was accessing the Gmail accounts of Chinese human
rights activists,” but that goal was not achieved. Thanks to our incredibly rapid
response and the diligent work of our specialists, only two Gmail accounts were
reported as having been accessed, and the contents of the emails themselves
were not accessed. It had the potential to be much worse, but our quick action
mitigated the situation.

I not only applaud our incredible response at that time of crisis, but I
confidently write that I know our team can make it through any other crisis or
hacking attempt. Our shared values and missions bring our employees together
and provide the fortitude of resilience. I ask that each member of the Google
family read and become familiar with this crisis communication plan. In this way,
every employee will be amply prepared to act and react appropriately in the
event of any such crisis. Thank you for taking the time to read this message, and
thank you for your outstanding commitment to Google’s high standards of
being the leading internet browser and platform throughout the globe.

Sincerely,

Sundar Pinchai
Sundar Pichai
Chief Executive Officer
 Acknowledgement Page

By signing this statement, I verify that I have read this plan and am prepared to
put it into effect.

EXECUTIVE MANAGEMENT:

President and CEO __________________________ _____________________

Sundar Pichai Signature Date

Vice President and CFO __________________________ _____________________

Ruth Porat Signature Date

Google’s Media Outreach __________________________ _____________________

and Communication Signature Date
Spokesperson
Daniel Seiberg

BOARD OF DIRECTORS:

President of Alphabet __________________________ _____________________

and one of Google’s Signature Date
founders
Sergey Brin

Executive Chairman __________________________ _____________________

of Alphabet Signature Date
Eric E. Schmidt
 Purpose & Objectives

PURPOSE
In the event of an informational hack of Google users’ personal
information, usernames, passwords, credit card information, online
purchasing history, search history, emails, documents, etc., it is our
responsibility as Google to immediately inform our customers. We will
address this issue with openness, honesty and transparency. This will ensure
that all media sources are directly informed by us, rather than relying on
rumors or non-credible information. At Google, we value the trust of our
customers above all else, and will so everything possible to express
ourselves as the caring, trustworthy company we are. This crisis
communication plan is aimed at maintaining all publics and stakeholders
updated and informed throughout the duration of the entire crisis, and will
hopefully maintain Google’s positive reputation and standards.

OBJECTIVES

This guidance offers direction for the content and dissemination of

corporate messages in the event of a security hack/crisis. The following
objectives will help Google achieve our goal of clear, concise, effective,
informative, accurate communication to our publics throughout the
duration of the crisis. This plan is to be executed under suspicion of a hack,
as precautionary measures are safer than waiting to receive full
confirmation of a hack. Please note that precision and speed are of
inexplicable importance to preserving the image of Google in the eyes of
our consumers. Being the globe’s most widely used internet browser and a
world-leader in apps and software, it is critical for us to move as rapidly as
possible throughout these objectives; hence, the stringent time
expectations.

v  Notification of Google’s Information, Software, and Global

Security Engineers within 15 minutes of notice or awareness of
the incident (referred to as zero hour).
v  Assembly and technical tracking of hacker and recovery of
Google users’ information per Google’s security team within 30
minutes of zero hour.
v  Notification of executive management staff and board of
directors within one hour of zero hour.
v  Assembly and briefing of crisis communication team and
assembly of crisis communication room, with all equipment and
supplies within 1.5 hours of zero hour.
v  Notification of all internal stakeholders/key publics within 2 hours
of zero hour.
v  Release of pre-prepared news release to all major and reliable
news/media outlets within 2.5 hours of zero hour, also extending
notification to external publics.
v  Press conference with CEO followed by Q&A with panel of
experts held within 3 hours of zero hour.
v  Maintain live updates of the crisis as it develops throughout the
remaining duration of the crisis, beginning at zero hour.
 Key Publics

INTERNAL
In the event of a crisis, Google’s internal key publics will all be notified
within 2 hours of zero hour. Being that the information of almost one billion
Google users is at stake, it is critical for Google to move quickly and
address the crisis with agility and transparency. Google will remain
transparent and honest with its internal key publics at all times, so all are
on the same page throughout the duration of the crisis and its aftermath.

BOARD OF DIRECTORS:

Sergey Brin President & CEO of 234-555-6547 sergeybrin@gmail.com

Alphabet
Eric E. Schmidt Executive Chairman 234-555-7890 ericschmidt@gmail.com
of Alphabet

EXECUTIVE MANAGEMENT:

Sundar Pichai President and CEO 234-456-7778 sundarpichai@gmail.com

of Google
Ruth Porat Vice President and 234-789-6554 ruthporat@gmail.com
CFO of Google
Daniel Seiberg Google’s Media 234-567-3311 danielseiberg@gmail.com
Outreach
Specialist

In addition to these critical members, we also seek to address/inform the

following members of our Google family within 2 hours of zero hour:

v   All Google Staff

v   All Alphabet Staff
v   All Google Shareholders
v   All Google Investors
EXTERNAL
In the event of a crisis, Google will notify all of it’s external key publics
within 2.5 hours of zero hour. Google will remain transparent and honest
with its external key publics at all times, so that faith and confidence in
Google is preserved.

The Media: Google will release a mass media statement, announcing the
factual details of the informational hack. Google will be the first to leak
the information to the public in a factual, honest way. This communication
will be done through Google’s media outreach team, led by Daniel
Seiberg. Google’s CEO, Sundar Pichai, will also release a brief statement
on the state of affairs. Google will post web updates on all its social and
digital sites/media as the crisis progresses. Please see the news release
provided in this plan.

James Pearson CNN News 455-789-0032 jpearson@cnnnews.net

Sasha Alvarga Fox News 321-555-3422 salvarga21@foxnews.com

Crystal Deleya NBC News 787-945-6789 crystaldeleya@nbc.org

Ashley Mann The New York Times 907-334-9001 ashleymann@nyt.com

Consumers: Google will open all hotlines and forms of telephone

communication to consumers who may wish to call for updates on the
state of Google’s informational hack. Google staff members and human
resources will work diligently throughout the duration of the crisis so that all
Google consumers feel their concerns are being addressed and their
needs met as rapidly as possible.

The U.S. government: Google will notify the U.S. government and
cybersecurity of the informational hack. Google will disclose the hackers’
location and as much information as possible to the FBI and
governmental institutions handling potential terrorism and cyber terrorism
threats. This will be essential in determining the global breadth and
implication of the hacker’s outreach.

U.S. Department of Homeland 100-234-5888 selena.tenner@dhs.gov

Security
U.S. Cybersecurity Center 100-445-5890 brendon.saul@uscsc.gov

Industry members and competitors: Google will address its competitors,

issuing out a warning and inviting anyone who may be experiencing
similar problems to speak up and work towards a solution.

Mozilla Firefox Headquarters 889-234-5556 janicedefunt@firefox.org

Yahoo Headquarters 788-004-3456 andrewsteel@yahoo.com

Internet Explorer Headquarters 220-345-8900 graysonlopez@ie.net

 Crisis Team

Sundar Pichai President and CEO 234-456-7778 sundarpichai@gmail.com

of Google
Ruth Porat Vice President and 234-789-6554 ruthporat@gmail.com
CFO of Google
Daniel Seiberg Google’s Media 234-567-3311 danielseiberg@gmail.com
Outreach Specialist
Sergey Brin President & CEO of 234-555-6547 sergeybrin@gmail.com
Alphabet
Eric E. Schmidt Executive Chairman 234-555-7890 ericschmidt@gmail.com
of Alphabet
Selena Tenner U.S. Department of 100-234-5888 selena.tenner@dhs.gov
Homeland Security
Brendon Saul U.S. Cybersecurity 100-445-5890 brendon.saul@uscsc.gov
Center
Alissandra Cortez Google’s Legal 786-343-9972 alissandra.cortez@legal.net
Entity
 Media Spokesperson

The primary spokesperson for Google during the duration of this crisis will be
Daniel Seiberg, Google’s global head of media outreach and the leader of
Google News Lab. His contact information is found below. Although Mr. Seiberg
is well-versed in public relations, please take the time to review the following
interview tips and prompt questions with him prior to our initial public news
release.

CONTACT INFORMATION

Daniel Seiberg
Media Outreach & Communication Specialist
Office: 234-567-3311
Mobile: 954-555-6899
Email: danielseiberg@gmail.com

Interview Tips:

v   Always be clear, concise, and honest.

v   Transparency is key – attempting to hide critical information from
stakeholders, the media, and the public has the potential to jeopardize
Google’s reputation and lose the trust of our consumers.
v   If not sure of an answer, be honest. Tell the media you will provide the
answer as soon as it is known to you.
v   Do not provide false reassurance.
v   Tell the public we will keep them updates and informed as we receive
minute-by-minute updates of the crisis. State that all our call-centers are
currently responding to any questions relating to this informational hack,
and our website informational page is being updated with live updates.
v   Do not discuss key details of the investigation unless explicitly cleared to
do so. U.S. government involvement and the safety of out global internet
may rely on your discretion in not sharing confidential, potentially
threatening/dangerous information with the public.
Trick Questions:

v   Did a Google employee leak confidential data to cyberterrorists?

“Unfortunately at this time, I am not at liberty to discuss the details of the
undergoing investigation with respect to who triggered this informational leak. I
do know, however, that Google’s top hackers, programmers, and technicians
are working diligently with the U.S. government to identify the source of this
hack, the breadth of the information obtained, and to determine how this will
impact our global community. As of right now, we are the only large entity to
have been attacked by these hackers, but we will provide updates if any of our
competitors release information as well.”

v   What if this crisis was caused by a spy or a Google employee working

undercover for a cyberterrorism organization? How can the public trust
Google again?

“Being that we are currently unsure of the exact source/cause of this hack, I
cannot specifically say whether a Google employee was involved or not. That
being noted, Google is a globally renowned company whose top priority is
excellence and dedication to growing with and for our customers. All our
employees are hired not only based on their technical skills/areas of expertise,
but also on how their values align with ours. In the unlikely even that a Google
employee was working undercover or assisted in hacking our informational
systems, that person will be tracked, removed and charged with the
appropriate sentence per their actions, and Google will deepen and reform our
employee hiring process in order to prevent future incidences like this from
happening again.”

v   How do you know that you have the world’s top hackers and
programmers on your team? What if there is someone better out there
working against the greater good?

“At Google, we take pride in the amazing talents of all our employees; that is
why we hired them. We actively seek out globally renowned hackers, computer
experts, and programmers from around the world and invite them to delve into
career opportunities with us. So is there someone ‘better’ out there? Maybe. But
we make it our business to know and hire the globe’s best of the best.”
 v   What are the implications of this cyberterrorist act on global internet usage
and confidential information?
“With the limited information I have at the moment, I unfortunately cannot say
that the implications of this cyberterrorist act are on global internet usage and
confidential information. However, I know that a cyber threat of this proportion
will absolutely set the precedent for all institutions like ours from this point on.”

v   Should consumers stray farther and farther away from the internet, in case
something like this happens again?

“Consumers need not stray farther from the internet out of fear. Google and
others will work even more diligently from this point to secure our customers’
information and protect against hackers. Our global future is riding upon the
internet, and Google strives to make such technology easily available to all
people.”
 Experts Who Could Speak to This Crisis

In the unlikely event of a crisis, the following experts should be contacted in

order to provide a holistic perspective from within Google as well as third-
party/outside expertise on the nature of hacking crises:

INTERNAL EXPERTS:

Sundar Pichai President and CEO 234-456-7778 sundarpichai@gmail.com

of Google
Parisa Tabriz Google’s Security 234-667-5460 princessparisa@gmail.com
Princess & Lead
Hacker
John McClena Google’s Head 234-009-3456 johnmcclena@gmail.com
Software Technician

EXTERNAL EXPERTS:

U.S. Department of Homeland 100-234-5888 selena.tenner@dhs.gov

Security
U.S. Cybersecurity Center 100-445-5890 brendon.saul@uscsc.gov
James Stennal: Global Hack-A-Thon 561-988-0045 jstennalhacks@hack.com
Champion from 2011-2015
Perry McClelan: Renowned Hacking 904-789-3342 whatdoeshackingmean@
expert working against cyberterror gmail.com
 Emergency Personnel to be Contacted

In the incredibly unlikely event of a hack on Google’s information systems,

please contact the following emergency personnel as soon as the crisis is
suspected. Note that confirmation of the validity of the crisis is not necessary
prior to executing crisis control and communication.

Larry Page
Chief Executive Officer of Alphabet
Office: 234-555-4800
Mobile: 577-843-3300
Email: larrypage@alphabet.org

Sergey Brin
President of Alphabet
Office: 234-889-0443
Mobile: 954-388-0499
Email: sergeybrin@alphabet.org

Daniel Seiberg
Media Outreach & Communication Specialist
Office: 234-567-3311
Mobile: 954-555-6899
Email: danielseiberg@gmail.com

U.S. Department of Homeland Security

1220 SE James Blvd.
Virginia, USA, 33495
Office: 688-399-3490
Email: selena.tenner@dhs.gov

U.S. Cybersecurity Center

4567 NW 13th Terrace
Washington, USA, 47789
Office: 100-234-4999
Email: brendon.saul@uscsc.gov
 Equipment & Supplies for Crisis Control Room

Equipment:
v   Land line telephones for every crisis response personnel
v   Televisions with cable/satellite
v   Television remotes and batteries
v   Computers and desk space for every crisis staffer
v   Printers/scanners & fax machines
v   Tables and chairs
v   Microwave
v   Refrigerator
v   Charging stations
v   Power strips
v   Extension cords
v   Projector screens and projectors
v   Video cameras and tripods

Supplies:
v   Paper/large notepads
v   Varied writing utensils – pens, pencils, highlighters
v   Post-it notepads
v   Staplers and staple refills
v   Coffee and filters
v   Dairy and non-dairy creamers
v   Varied sweeteners
v   Filtered water and cups
v   Assorted snacks

Room Set-Up:
With this setup, all crisis response personnel will have the comfort of their own
desk space, computer, telephone, and power strip outlet while also being within
the proximity of their coworkers. This room setup is vital for boosting the morale of
all employees, as they will have the support of others around them in this non-
isolating table structure. Additionally, it will be very convenient for Google’s CEO
or Media Spokesperson to provide in-time updates to all crisis response
personnel at once.
 Development of Key Messages

We would like to keep the following key messages at the forefront of

our crisis communication plan. These messages are aimed to
assuage and mitigate any worries and stresses our consumers may
feel in response to an informational hack. At Google, we value the
trust of our customers above all else, and will so everything possible
to express ourselves as the caring, trustworthy company we are. We
will address this issue and convey the following messages with
openness, honesty and transparency.

1)   At Google, our customers’ wellbeing comes first. We understand the

amount of trust and reliability we need to have in order to earn and
maintain our customers’ loyalty, therefore we strive to excel
expectations every day.

2)   Google has never experienced a hack of this magnitude since its

foundation in 1998, and we assure our customers that any future
attempts will be thwarted even more strongly than before.

3)   Our globally renowned computer and software specialists are

working relentlessly to uncover the cause and culprit of Google’s
informational hack.

4)   We will maintain transparent and reliable communication with our

customers throughout the duration of this crisis. All our call-centers
are currently responding to any questions relating to this
informational hack, and our website informational page is being
updated with live updates.
 Dissemination of Key Messages

We will use the following means of disseminating the key messages during
our crisis resolution, in order to reach all our publics as rapidly and
effectively as possible:

To those actively seeking more information:

These consumers are most likely Google stakeholders and

persons/companies directly impacted or whose information was
compromised by the hack. We expect that they will be awaiting live
updates, reliable and honest information, active solutions, and
transparency, all of which will be provided through the following:

v   Website/Google media blog live updates

v   Any and all social media outlets Google is present on
v   Release of press conference videos

To those who are not actively seeking information:

These consumers are the general public who may not be Google users or
who may not yet be aware of the crisis and the ways it may impact them.
We will seek to reach out to these publics via the following mediums:

v   Press releases to various media outlets

v   Press conferences held to reach internet users/consumers
v   Having our crisis call center open and available for all
questions/concerns
 Pre-Information

Google’s Values - We strive for excellence and always put our customers
first, as per the following ten values we know to be true (available on our
company’s page):

v   Focus on the user and all else will follow.

v   It’s best to do one thing really, really well.
v   Fast is better than slow.
v   Democracy on the web works.
v   You don’t need to be at your desk to need an answer.
v   You can make money without doing evil.
v   There’s always more information out there.
v   The need for information crosses all borders.
v   You can be serious without a suit.
v   Great just isn’t good enough.

Google’s Code of Conduct – Our expectations for excellence are

incredibly high, because at Google we understand the importance of
high-speed, reliable internet service and applications which you can trust.
We hold our employees to the highest standards, and strive to make sure
their goals and values align with ours. Our customers always come first,
and we work every day to make Google users’ lives easy and seamless.

News Release:

FOR IMMEDIATE RELEASE

Date: ________________

Contact: ____________
Phone: ______________
Email: _______________

Private information of almost one billion Google users gets hacked

 Critical information ranging from passwords and usernames to credit card
data was hacked from Google’s databases (today/this morning/this
afternoon/this evening/tonight) _____________.
The hackers remain unknown, but Google’s top computer engineers,
programmers, software developers and hackers are working diligently to identify
the source of the hack.
“We will not stop searching until we find those responsible for this
informational violation,” Google CEO Sundar Pichai said. “Google – and the
entire world, for that matter – has never seen a hack of this proportion, but we
are working overtime to produce results for our consumers and to get to the
bottom of this.”
Google, with almost one billion global users, was severely impacted by this
hacking incident. Leading all efforts to uncover the hackers’ identification and
location is Google’s Security Princess, Parisa Tabriz. She heads a team of 27
Google engineers who build and protect Chrome, the world’s most used web
browser.
“With every passing minute, we are closer to finding the hackers and
restoring all lost data,” Tabriz said. “The sooner we find the hackers, the less
damage they will have done with our users’ private information.”
Google immediately notified press, consumers, stakeholders and even the
United States government of the hack. Google is assuring the public of its
transparency and honesty in the midst of decoding the hack. They promise to
give live updates to all consumers via their website and Google blog, updated
press releases and news conferences.

###
 Evaluation Techniques

1)   Media Relations:
a.   Did the media effectively and diligently convey the information we
provided?
i.   If not, which media outlets were difficult to work with?
ii.   Which media outlets were the easiest to work with/the most
responsive?
b.   Were our media “trick questions” adequate preparation for any
skewed questions the media asked?
c.   Did the media end the crisis with positive messages about Google?
d.   Was there any impact on Google’s relationship with varying media
outlets as a result of this crisis?
e.   How did Google’s media spokesperson perform under pressure?

2)   Public/Community Relations:
a.   Does the public trust Google with its
browsing/data/informational/internet needs?
i.   If not, based on data collected via phone, email and internet
surveys, what is the primary factor hindering consumers from
trusting Google again?
ii.   How can we at Google work to mitigate this issue?
b.   How can we promote positive messages about Google?
c.   Was our communication with consumers positive, informative, and
effective?
d.   Did our crisis call centers, live website updates, press conference
releases, and blog posts assuage the public’s worries? Did we do
our job of effectively communicating?
i.   If not, what can we do to improve?

3)   Crisis Management Team:

a.   Did we comply fully with the crisis communication plan, as we
agreed to and signed?
i.   If not, what aspects did we forget, miss, or disregard?
ii.   Why did we fail to address these aspects?
b.   Did all team members perform their tasks diligently and
adequately?
i.   If so, can these same members be relied on in future crises or
as part of other crisis management teams?
ii.   If not, who failed to meet our standards? How can we
address these individuals to let them know the areas they
failed to excel in?
 a)   Should we consider removing these individuals from
future crisis management teams?
c.   Were there any items not listed in the crisis communication plan that
should have been included? Was anything left out or overlooked
which we can add to future crisis plans?
 Closing Statement

At Google, our mission is to connect global users in a way that was

never before possible. Our consumers have always been and will
always be our top priority, and therefore this crisis communication
plan is being provided in order to properly and transparently relay
information to the public. Our effectiveness as an entity is
determined by our users’ trust and loyalty, and we do not want to
jeopardize that in the wake of any hack or informational leak. We
know that our employees share our dedication to excellent
customer and product service, and together we can work to
effectively mitigate any public anger, misunderstandings, or
negative feelings in the event of a crisis. We at Google appreciate
your cooperation in following the guidelines of this crisis
communication plan, and I would like to personally thank you for
taking the time and care to read this plan.

Sincerely,

Sundar Pinchai
Sundar Pichai
Chief Executive Officer