Security 500 conference     

 Don’t miss the networking event of the year for security executives!
Register today for the Security 500 Conference.

Leadership & Management Column / Security Leadership and Management / Columns

Controlling Brand Risk

How the market perceives a company and its brand(s) ultimately dictates success or failure.

The last element we will over in this series on ERM involves brand risk. An enterprise’s brand(s) is one of its most valuable assets. Many brands have become so iconic that they have become a verb rather than a noun. For instance, Xerox Corporation has had a long history of producing photocopier machines. Think about how many times you have heard some say, “I'm just going to Xerox this document.”  There are numerous companies producing a product made with an adhesive strip and gauze square that is designed to cover a small cut or scrape. The typical response you hear when someone needs one of these health care products is…“Would someone please get me a Band-Aid?”  Johnson & Johnson, which owns this iconic brand, is probably pretty delighted that their product receives such broad recognition.

Johnson & Johnson has had some great brand successes and some disasters as well.  The company was widely hailed for its effective handling of the crisis involving tainted Tylenol a number of years ago. The company and the Tylenol brand recovered extremely well from what could have been a public relations nightmare. A year or so ago, Johnson & Johnson recalled Tylenol once again due to some potential contamination issues that occurred during the shipping and warehousing of the product. The lengthy time the product was off the shelf gave competitors a much stronger foothold in an already crowded market for pain-relieving products.

Another example that is currently making major headlines involves General Motors and the ignition switch issue involving several key brands of automobiles. The news has been peppered with stories of how GM knew of the problem years ago and chose not to conduct a recall. A government investigation is currently underway due to several deaths that have been attributed to the faulty switch. GM’s brand and reputation has been severely damaged by these revelations. 

Damage to a company’s brand and reputation are not isolated to the U.S. market. Some foreign markets are hyper-sensitive to brand and reputation issues.  For instance, Yum, the parent company of Kentucky Fried Chicken, had built a major network of KFC restaurants across China. KFC and Col. Sanders had become an iconic brand in China. When reports arose that there were concerns relative to the food safety and quality of chickens they used in their meals, the bottom dropped out of their Chinese market overnight. 

Whether based on fact, fiction or social media hype, perception rules the day.  How the market perceives a company and its brand(s) ultimately dictates success or failure.  There are market phenomena that seem to overrule this concept, however. In the U.S., it is common knowledge that, as a general rule of thumb, consumers severely retaliate against any company that messes with their kids or their pets. Yet, Chinese companies have been taken to task time and time again by the Federal Trade Commission and the Food & Drug Administration for children’s toys containing highly toxic levels of lead paint, toothpaste containing anti-freeze and pet food containing high levels of asbestos and other toxins. Ironically, these issues have had little impact on the volume of Chinese products that are imported into the U.S. where cheap products seem to trump consumers’ logic.

In an earlier column in this series, we discussed the importance of establishing an effective risk intelligence program. One of the most compelling reasons to establish such a function involves the safeguarding of an enterprise’s brand and reputation. Constant vigilance in the marketplace is vital to understanding, responding to and mitigating incidents that can have a devastating impact on your enterprise’s brand and reputation. The other aspect that is vital is having a solid crisis management and crisis communications plan.  This isn’t something that can be just pulled off the shelf and dusted off when it is needed…which we guarantee will always be too late. It is vital that enterprises run scenario-based exercises to ensure that you are ready to rapidly handle virtually any kind of issue that lands on your doorstep. In today’s world of instantaneous social media communications, it is absolutely essential that your enterprise is prepared, is experienced in handling crisis communications and responds immediately, as failure to do so taints you from the start.   


About the Authors:

 Jerry J. Brennan is the founder and Chief Operating Officer of Security Management Resources (SMR Group), the world’s leading executive search firm exclusively focused in corporate security. Lynn Mattice is Managing Director of Mattice and Associates, a management consultancy focused at the development and alignment of Enterprise Risk Management and Business Intelligence Programs, as well as Intellectual Property Protection and Cybersecurity. 

Did you enjoy this article? Click here to subscribe to Security Magazine. 

Recent Articles by Jerry Brennan

You must login or register in order to post a comment.



Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.


Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

2014 November cover of Security Magazine

2014 November

Don't miss our 2014 Security 500 issue, with rankings, data on sectors, and other security benchmarkings, all contained within this November 2014 edition of Security magazine. Also, (re)learn the basics of lobby security and how to make the highest impact retrofit for your budget.
Table Of Contents Subscribe

Travel & the Ebola Risk

Are you and your enterprise restricting travel due to Ebola risks?
View Results Poll Archive


CompTIA Security+ Certification Study Guide
CompTIA's Security+ certification is a globally-recognized, vendor neutral exam that has helped over 60,000 IT professionals reach further and higher in their careers. The current Security+ exam (SY0-201) focuses more on being able to deal with security issues rather than just identifying them.
More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.


Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.