Intel and pretty much anyone with a computer awoke to the new year with a huge buzzkill: a report that all Intel chips have huge security vulnerabilities—dubbed Meltdown and Spectre—that hackers can use to obtain passwords, security keys, and files from a user’s hard drive.
Even worse, the patch for this vulnerability will slow computers by as much as 30%. Pretty much every Intel-based computer made since 1995 has the vulnerabilities. Mobile devices with Intel chips are also vulnerable.
As a result, any business owner was wondering how this affects them and what they can do about it. Unfortunately, Intel itself hasn’t been much help. Rather than provide consumers with such information, it has dug in its heels to dispute the report and continue with its regularly scheduled marketing messaging—promoting its Winter Olympics sponsorship.
This PR approach is damaging the brand every second. If Intel wants to preserve its good name, it needs to put the customer first and its corporate ego second.
Despite its huge install base, Intel has not been proactive about announcing this security flaw. Instead, security researchers noticed that Linux and Windows programmers had begun introducing beta updates to address those vulnerabilities. Then Intel rival Google’s Project Zero released full details about Meltown and Spectre. Intel cooperated with that research and has said that it planned to make a statement about Meltdown and Spectre, but the press scooped it.
As its stock cratered, Intel released a statement arguing that the assertion that the issue was related to a bug or flaw is incorrect. The statement also said that Intel was working with other tech companies, including AMD. But AMD said that its chips are not subject to the same types of attacks. Confusing matters further, Business Insider reported that Intel CEO Brian Krzanich sold $24 million in stock in November, when the company was aware of the issue. That left Krzanich with the minimum amount of stock he is required to keep under his employer agreement, according to the website.
Intel's response improved over time. On January 4, Intel released a FAQ that denied that the issue was related to a bug or flaw in Intel products. It advised customers worried about their data to contact their OS provider and system vendor.
The problem with this approach
While Intel dug in its heels, those of us with computers using Intel chips were left wondering if our passwords and personal information were at risk of being stolen. Intel itself has been no help. At this writing, the company’s homepage was hyping its Winter Olympics sponsorship. Aside from Intel’s statement, available under the "newsroom" link, there was no acknowledgment of this issue.
Maybe the press is making too big a deal of this. But based on past experience with Equifax, for one, consumers have every reason to be suspicious and angry at Intel for its "nothing to see here" approach and its CEO’s curious actions.
How Intel can turn this around
The good news is that it’s not too late for Intel to turn this situation around. Here are three steps the company should take immediately to restore trust with its consumers:
1. Coordinate the customer and tech messaging ASAP. Consumers and businesses need a consistent message. Intel spokespersons should work off the same playbook and be very clear about what happened and why. This is national breaking news, so Intel can’t pretend that it’s a minor glitch.
2. Set up a process to respond to customer questions and requests. Customers are worried that they’ll be hacked and that their computers are about to slow down dramatically. They don’t want to hear about the Winter Olympics. Customers need to feel Intel is working for and with them through this unanticipated technology blip. The company needs to leverage all of its social channels to ensure that consumers can easily find the information they need. Telling consumers to check with their OS provider or manufacturer is buck-passing. Intel needs to link to that information from its website.
3. Use CES as a platform. The timing of this incident works well since it’s right before CES, when the whole tech community will be gathered in Las Vegas. What better opportunity for Intel to get its message across? Rather than stonewall journalists at the event, Intel needs to err on the side of giving them too much information.
As Target’s recent experience has shown, consumers are remarkably forgiving of brands they like. The public also has a sophisticated view of tech security and know that there’s no solution that will work 100% of the time. That’s why while there’s considerable downside for Intel, the company is only making things worse for itself. Going forward, Intel needs to focus more on its customers and less on itself.
Todd Barrish is president of Indicate Media.