While 98% of leaders who have activated their crisis communications plans say they’re effective, only 49% of U.S. companies actually have a formal one in place according to Capterra. Another 28% rely on informal approaches while 23% lack a plan altogether. Of those who do have one, nearly 20% admit it is outdated. This is almost as problematic as being planless, because the risks they account for likely don’t include the ones that have emerged more recently.

Whether your organization is creating a plan for the first time or updating an existing one, it is important to consider all the potential crises your company may face. Working with experienced crisis communications experts can help ensure your strategy is current, comprehensive and actionable.

Moreover, an outside perspective can make it easier to uncover vulnerabilities, challenge assumptions and identify risks you may not have considered. You likely know what is supposed to happen following a natural disaster, but what about a deepfake incident? It’s a scenario that is becoming as common as it is devastating — and one that few companies are adequately prepared for.

At ARTÉMIA, we specialize in anticipating evolving threats and creating proactive strategies that help brands respond swiftly and effectively. Let’s take a closer look at deepfakes, along with four other crises that could catch your company off guard.

1. Deepfakes and AI-Generated Misinformation

Synthetic media—realistic but entirely fabricated video or audio—can mislead investors, alarm customers, and cause significant reputational damage. A fake clip of an executive making a controversial statement can go viral before your team has a chance to respond.

According to Regula Forensics:

• 49% of companies have encountered both audio and video deepfakes
• Businesses lose nearly $450,000 on average per incident
• 42% cite identity theft as their top deepfake-related concern

Effective crisis plans should include procedures for verifying content quickly and issuing timely, coordinated counter-messaging.

Learn more about the threat of deepfakes.

2. Third-Party Technology Failures

Even well-prepared companies are vulnerable to vendor disruptions. Gartner reports an average of 12 unplanned application outages per year and, according to the Uptime Institute, 63% of outages reported since 2016 have involved third-party IT providers.

Whether it’s a cloud service outage or a failed integration, customers and partners often see these failures as your responsibility—regardless of where the issue originated. Your plan should account for outages and operational disruptions caused by external providers and include a strategy for communication, resolution and reputation management.

3. Employee Leaks and Internal Dissent

From leaked Slack messages to whistleblower reports, internal conversations are increasingly finding their way into the public eye. These situations can quickly escalate, especially if they highlight disconnects between internal culture and public messaging.

Former employees also pose a growing risk. A report from InformationWeek found that 75% of insider threat cases involve individuals who have left the company, often with sensitive data or intent to cause disruption. Partnering with a reputation management agency can help you anticipate these risks and craft responses that protect your brand without escalating the issue further.

4. Generative AI Misuse and Exposure

AI tools are being widely adopted, but internal policies haven’t always kept pace. Sensitive information may be entered into public AI tools without realizing the implications, or AI-generated content may be published without appropriate oversight.

According to CybSafe:

• 93% of U.S. workers may be unknowingly sharing confidential information via AI
• 38% admit to sharing details they wouldn’t disclose in casual conversation

Organizations need clear internal guidelines—and a communications plan to respond if misuse becomes public.

Learn more about AI-related risks.

5. Integrated Tech Failures: From Data Breaches to Physical Risks

Cybersecurity is already a priority in most crisis plans—but as infrastructure becomes more connected, the stakes extend beyond the digital realm. Attacks on IoT systems, operational networks, and critical infrastructure can cause widespread physical and financial impact. Plans should address both cyber and physical consequences, covering not just incident containment, but also public communication, stakeholder updates, and continuity strategies.

• The global cost of cybercrime is projected to reach $15.63 trillion by 2029
• Supply chain-related cyberattacks result in average annual losses of $82 million

Make Sure Your Company is Prepared

Speed, coordination and transparency are still the foundation of effective crisis response, but they aren’t enough if your plan doesn’t reflect current threats. Now is the time to assess where gaps may exist and make adjustments before the next crisis hits. If you need support evaluating your plan—or building one from the ground up—our crisis communications and reputation management experts are here to help. Our strategic consultancy offers tailored services that help you prepare, respond and recover with confidence. Contact us today for a free consultation.