Plan, Train, Communicate

May 16, 2025

When disaster rears its ugly head, boxmakers must take the necessary steps to ensure continuity

Disasters have been top of mind lately, especially given the devastating fires in Los Angeles. But manufacturers are at risk from a wide range of potential calamities—from natural disasters to cybersecurity breaches and more. And as we all learned during the COVID-19 pandemic, not all risks can be readily anticipated. The key to protecting your company, its employees, customers, and other stakeholders is being prepared to respond, whatever type of disaster you may face, says Kate Pulio-Deighton, senior director of crisis and litigation communications with FTI Consulting, headquartered in Washington, D.C. “Regardless of what form it takes, any crisis could harm a company’s reputation, business continuity, stakeholder relationships, or future commercial opportunities,” she says.

Importance of Being Prepared

Like death and taxes, disasters are difficult if not impossible to avoid. And in today’s always-on, always-online world, the news of disasters spreads fast. “We live in a highly volatile digital age where bad news travels fast,” Pulio-Deighton says. “In these times of heightened online scrutiny, companies are often judged more by how they handle a crisis than by the crisis itself.” Dan Pascale, CEO of COSECURE, headquartered in Philadelphia, agrees. “Every organization, including manufacturers, must have a business continuity plan. This involves identifying critical resources needed to combat disasters and ensuring the ability to respond and recover quickly.” Few are prepared for such situations, though. According to findings from an FTI Consulting-sponsored Economist Impact survey of 600 general counsels and legal decision-makers at companies across North America, Europe, the Middle East, Africa, and Asia-Pacific with revenues of more than $1 billion, only about 30% of these businesses have prepared crisis communication playbooks with internal and external messaging. Almost 70% don’t have an identified ad hoc, cross-functional crisis response team or a preselected list of external crisis response advisers that can assemble easily when a crisis arises. Planning is a critical step for all manufacturers.

Fail to Plan, Plan to Fail

Disasters can take various forms such as human-caused disasters (e.g., workplace violence, terrorism, and supply chain disruptions) and technological disasters (e.g., cyberattacks, IT failures, and power outages). The impacts of each type of disaster will be different, affecting different parts or aspects of a company’s operations, but the odds of being impacted by a disaster are a reality for all organizations. Impacts and costs are on the rise. Natural disasters, for instance, are more common today than in the past. “In 2024, there were 27 individual weather and climate disasters with at least $1 billion in damages, trailing only the record-setting 28 events analyzed in 2023. These disasters caused at least 568 direct or indirect fatalities, which is the eighth-highest for these billion-dollar disasters over the past 45 years (1980–2024). The cost was approximately $182.7 billion,” according to National Oceanic and Atmospheric Association’s National Centers for Environmental Information. Amid a disaster, companies are faced with the prospect of addressing the disaster while also attempting, if possible, to keep the business operating. That requires a focus on staffing, supply chain, and customer communications, and sometimes dealing with legal or regulatory agencies. The time to consider how to respond—and who needs to be responded to—in a disaster situation isn’t while the disaster is unfolding. “Every manufacturer should have an up-to-date crisis management plan that explains how the organization will immediately respond to a crisis of any nature—whether that be a safety accident or act of violence at a facility, significant supply chain disruption, natural disaster, cybersecurity attack, technological failure, or [U.S. Occupational Safety and Health Administration] investigation,” says Pulio-Deighton. This process, says Pascale, “should identify potential threats such as technological or human-caused disasters, and ensure they have the necessary resources to mitigate these risks.” That’s what California Box I & II is working on, says President Chris Widera. “We are currently in the process of developing a comprehensive plan,” he says. “While we have multiple backup facilities in place for our software programs and data, we do not yet have an official written backup plan for our machinery.” Plant locations, though, he says, are strategically situated across the Southwest. “Our equipment and plant redundancy are built into our operations at these locations. Having multiple plants within a few hours is our contingency plan,” he says. While every plan will be different, depending on where organizations are located and the types of risks most likely to impact them, there are common elements across all plans and processes for disaster recovery.

The Nitty-Gritty

There are three broad elements of a disaster plan, Pascale notes:

- Basic plan: an overview of company operations and how they will be managed during an emergency.

- Functional annexes: plans for securing facilities, recovery, and other critical functions.

- Hazard-specific annexes: plans tailored to specific threats relevant to the business.

The planning process should include input from various perspectives. Typically, says Pascale, three to four departments should be involved in disaster planning efforts, including plant management, human resources, information technology, and communications. In manufacturing settings, he says, “involving employees from different shifts in the planning process is important to understand their needs and perspectives during emergencies.” Crisis management plans should be designed to provide direction to staff about how to respond, ensuring important activities are not overlooked. Crisis management plans, says Pulio-Deighton, “should include clear escalation guidelines, crisis team structures, team activation protocols, contact information, roles and responsibilities, cross-functional ways of sharing information across the business, communications channels, and approval processes, among other key components.” Effective communication is crucial, Pascale agrees. “This includes using mass notification systems that can reach employees via radios or cellphones, ensuring timely, accurate, and useful information during emergencies,” he says.

Staff Training and Communication

Simply having a plan is not enough. It’s important to communicate the plan to staff and to provide training, education, and drills to ensure they’re ready for action should a disaster happen. “Tabletop exercises simulating real-world crisis scenarios should be conducted with teams on a regular basis to help build muscle memory in a lower-pressure, collaborative, and knowledge-building crisis-response environment,” says Pulio-Deighton. Crises are generally unexpected and impossible to predict with certainty. The best plans may fail to encompass every possible incident that could affect a business’s operations or reputation. Because of this, she says, “strong, coordinated alliances among executive teams, boards, their organizations, law firm partners, and other expert advisers can be invaluable.”

Responding in a Crisis

Effective crisis management requires swift and consistent communications that demonstrate accountability, promote transparency, and maintain trust with key stakeholders. From employees to customers, suppliers, distributors, regulators, lawmakers, and the media, stakeholder scrutiny presents considerable risk. “Companies should be prepared to manage narratives during public interest events, using traditional media and social media effectively to control the message and reassure stakeholders,” Pascale says. It’s important to respond quickly in any crisis situation, but that can be easier said than done. “Immediately engaging legal counsel to advise is often a vital first step, as communications and legal teams typically work in lockstep during a crisis to ensure all communications are carefully crafted and legally vetted to mitigate risk and ensure alignment with the appropriate legal strategies,” says Pulio-Deighton. In addition, she says, “during a crisis, a manufacturer must not only address the immediate fallout but also anticipate and prepare for any potential litigation, investigations, or long-term backlash. Planning for these potential scenarios can influence a company’s ability to respond efficiently and rebuild trust after a crisis.” The reality, though, Pulio-Deighton acknowledges, is often that limited information is available in the initial days and weeks following a crisis. “A best practice for successful crisis response is to not prematurely communicate pertinent information like why a crisis occurred before the details of the situation have been confirmed and vetted by the appropriate parties,” she says. “Failing to do so could result in confusion, damage trust, or introduce unnecessary legal risk.” Communication during and after a crisis needs to be ongoing with regular updates. “It is critical to deliver timely updates to your key stakeholders and establish direct, two-way lines of communication with many of these audiences,” Pulio-Deighton says. “Even when there is not much to be said about the situation, expressing your commitment to keeping them informed—and following through on that promise—can speak volumes.”

Lin Grensing-Pophal is a Wisconsin-based freelance journalist.

Cybersecurity: A Modern-Day Disaster Reality

Disaster preparedness planning, says Dan Pascale, CEO of COSECURE, should include the consideration of cybersecurity risks, which is a critical component of disaster preparedness. “Many attacks target organizations that are not well prepared, leading to significant financial losses,” he points out. The Federal Trade Commission offers some advice for companies that are the victim of a data breach: