Why Crisis Communication Teams Aren't Ready for AI Deepfakes: Survey Reveals Critical Gaps

Source: The 2026 Crisis, Emergency, and Risk Communication Trends Report, Philippe Borremans, Crisis Communication Strategist, RiskComms, 2025

Crisis communication professionals are stuck. AI adoption in the field currently scores just 2.49 out of 5. Nearly half the organisations surveyed rated themselves at 1 or 2—barely experimenting at all.

You might think this represents appropriate caution. It doesn't. This is organisational paralysis disguised as prudence.

The barriers aren't technological. They're structural and cultural. Survey respondents identified lack of in-house expertise (28%), budget constraints (25%), and data privacy concerns (18%) as primary obstacles. Organisations don't know how to vet AI tools, don't want to allocate resources to figure it out, and remain anxious about potential consequences.

The data reveals a disturbing paradox: 37% of professionals rate AI-generated deepfakes as a high or critical risk to their organisations. Yet 77% admit to having no documented protocol for handling them. None. Not even a draft gathering dust in a shared drive. A full 36% have no plans whatsoever to develop deepfake response protocols.

Three-quarters of organisations see the threat approaching. They're choosing to stand still and hope it misses them. That's not risk management. That's denial with consequences.

Source: The 2026 Crisis, Emergency, and Risk Communication Trends Report, Philippe Borremans, Crisis Communication Strategist, RiskComms, 2025

Everyone knows crisis communication works best when integrated across functions. Yet most organisations still operate in silos that would make mediaeval castle architects proud.

The strongest integration exists with executive leadership, scoring 3.26 out of 5. Communicators have earned their seat at the table. But examine the rest of the picture: HR integration scored just 2.57. Legal came in at 2.75. Cybersecurity at 2.78.

We live in an era where cyberattacks trigger data breaches, which spark employee concerns, which explode into media scrutiny within hours. That's not four separate crises. It's one compound crisis requiring Legal, IT, HR, and Communications to function as a unified response team.

Organisations that test their plans frequently and maintain strong cross-functional integration report significantly higher preparedness scores. Those with weak integration? They feel ill-equipped to handle anything complex—which now describes virtually every crisis scenario.

The survey data revealed that professional services organisations (37% of respondents) and government/public sector entities (21%) face similar silo challenges despite vastly different operational structures. Organisation size doesn't predict integration quality. Cultural commitment does.

Silos aren't just inefficient. They're structural vulnerabilities waiting to be exploited during the next crisis.

Source: The 2026 Crisis, Emergency, and Risk Communication Trends Report, Philippe Borremans, Crisis Communication Strategist, RiskComms, 2025

Here's the shocking part: Only 26.5% of organisations test their crisis communication plans annually. Another 17.6% test "rarely"—less than every three years. Nearly 10% never test at all.

Never.

These organisations have plans. Those plans probably took weeks to write, received board approval, and now sit in binders looking impressively official. But they've never actually been executed. Never stress-tested. The teams have never discovered which components break under pressure.

The correlation is crystal clear. Organisations that test frequently report higher preparedness confidence. Organisations that don't test feel unprepared. You don't build muscle memory by reading instruction manuals.

The preparedness paradox persists: everyone knows practice works, but few practise regularly. Survey respondents cited competing priorities, resource constraints, fear of exposing weaknesses, and lack of clear ownership as barriers.

All real obstacles. None good enough excuses when the alternative is fumbling through an actual crisis with an untested plan.

Organisations need quarterly tabletop exercises at minimum, with annual full-scale simulations. Testing reveals gaps. Gaps identified during exercises are opportunities. Gaps discovered during real crises are catastrophes.

Source: The 2026 Crisis, Emergency, and Risk Communication Trends Report, Philippe Borremans, Crisis Communication Strategist, RiskComms, 2025

A solid 65.7% of respondents agree that building and maintaining public trust is more challenging today than five years ago. The fragmented media environment means misinformation spreads faster than facts, and every organisational statement gets dissected by audiences starting from positions of scepticism.

The problem isn't that trust is hard to build. The problem is organisations are terrible at measuring it.

Most organisations have either no formal framework for measuring crisis communication effectiveness or rely on ad hoc metrics that don't provide actionable insights. Media clip counts. Social media reach. Vanity metrics that create the illusion of productivity without proving effectiveness.

You can't manage what you don't measure. If you're not systematically tracking stakeholder trust before crises hit, you have no baseline for comparison when things go sideways. You're flying blind.

The survey revealed that organisations getting this right establish trust baselines through regular surveys, integrate qualitative and quantitative data, and link communication metrics to broader business objectives like reputation protection and customer retention. These organisations can demonstrate ROI for crisis communication investments because they measure what matters.

The rest are guessing. And paying the price in recovery time and stakeholder defection after crises.

Source: The 2026 Crisis, Emergency, and Risk Communication Trends Report, Philippe Borremans, Crisis Communication Strategist, RiskComms, 2025

When asked about the biggest skill gaps on current crisis communication teams, three areas dominated responses: AI and technology literacy, data analytics and measurement capabilities, and disinformation detection.

The concerning element is the gap between awareness and action.

The profession is shifting fundamentally. The crisis communicator of the past was a message crafter and media manager. The crisis communicator of the future needs to be a data interpreter, technology evaluator, and cross-functional integrator capable of making split-second decisions during fast-moving polycrisis scenarios.

Traditional public relations degrees aren't cutting it anymore. The skillset required now spans data science, behavioural psychology, technology assessment, and even intelligence analysis. Organisations need to look beyond usual talent pools.

Survey respondents showed strong alignment between identified gaps and forward-looking priorities. People know they need to focus on AI integration, enhanced testing protocols, and team training for 2026. The question is whether awareness translates into investment.

The good news? Organisations are aware of the gaps. The bad news? Most haven't begun closing them.

Source: The 2026 Crisis, Emergency, and Risk Communication Trends Report, Philippe Borremans, Crisis Communication Strategist, RiskComms, 2025

The trends are clear. The threats are real. The gaps are measurable. Organisations that close them now will have significant advantages over those that wait until they're in crisis mode to figure things out.

Don't let this become another report you read, nod along with, and forget by next week. Pick one thing. Just one.

Maybe it's developing that deepfake response protocol. Maybe it's scheduling your first crisis simulation this quarter. Maybe it's finally establishing a trust measurement baseline. Maybe it's breaking down one critical silo between Communications and Legal or IT.

Do something. Because the polycrisis era doesn't care whether you're ready or not.

Organisations that act now gain:

The choice is stark: invest in preparedness now or pay for unpreparedness later. The second option is always more expensive.

The Crisis Response Velocity Gap describes the dangerous disconnect between the speed at which modern crises unfold and the speed at which organisations can make decisions and respond. As crises accelerate through digital channels and AI-generated content, traditional decision-making processes become bottlenecks that prevent effective response. Organisations need AI-augmented frameworks and pre-established protocols to bridge this gap.

Organisations cite three primary barriers: lack of in-house expertise (28%), budget constraints (25%), and data privacy concerns (18%). Many organisations don't know how to vet AI detection tools, don't want to allocate resources to develop protocols, and remain uncertain about legal and privacy implications of monitoring for deepfakes. This creates dangerous inaction despite widespread awareness of the threat.

Organisations should conduct quarterly tabletop exercises at minimum, with annual full-scale simulations. Monthly scenario discussions help maintain awareness. Organisations that test frequently report significantly higher preparedness confidence than those testing rarely or never. Testing reveals gaps that become opportunities for improvement rather than surprises during actual crises.

AI and technology literacy represents the most critical gap, followed closely by data analytics capabilities and disinformation detection skills. The crisis communicator role is evolving from message crafter to data interpreter and technology evaluator. Organisations need to recruit talent from nontraditional backgrounds including data science, behavioural psychology, and technology assessment fields.

Establish baseline trust metrics through regular stakeholder surveys (quarterly or biannually), integrate qualitative feedback with quantitative data, and link communication metrics to business objectives like reputation scores, customer retention rates, and employee engagement. Without baseline measurements, organisations can't determine if crisis responses improved or degraded stakeholder trust.

Pick one measurable action and execute it this quarter. Options include: developing a deepfake response protocol, scheduling a crisis simulation exercise, establishing trust measurement baselines, or breaking down one critical departmental silo. Starting with one concrete action creates momentum and proves feasibility to sceptical stakeholders.

Silos persist due to competing priorities, organisational culture, lack of clear ownership for cross-functional coordination, and absence of incentives for collaboration. Breaking silos requires executive leadership commitment, formal cross-functional protocols, regular joint exercises, and accountability for integrated response. Awareness of the problem doesn't automatically create solutions without structural changes.

The polycrisis era involves multiple simultaneous threats from different vectors—cyber attacks, disinformation campaigns, regulatory changes, and technological disruptions occurring concurrently. Traditional crisis response approaches designed for single-vector crises fail when organisations face compound crises requiring coordinated responses across multiple departments and stakeholder groups simultaneously.

Crisis preparedness scales to organisation size and risk profile, but fundamental principles remain constant: tested plans, cross-functional integration, trust measurement, and appropriate skill sets. Small organisations may have simpler plans with fewer resources, but they still need protocols that work under pressure. Survey data showed organisation size doesn't predict preparedness quality—cultural commitment does.

Organisations with strong preparedness recover faster from crises, experience less reputation damage, retain more stakeholders, and face lower costs associated with extended crisis periods. Whilst exact ROI varies by industry and crisis type, organisations with tested plans and established trust baselines demonstrate measurable value through faster recovery times, reduced stakeholder defection, and maintained business continuity during disruptions.

This analysis is based on The 2026 Crisis, Emergency, and Risk Communication Trends Report by Philippe Borremans, Crisis Communication Strategist at RiskComms. The report draws from a comprehensive survey of 102 crisis, emergency, and risk communication professionals conducted in late 2025. The survey employed a mixed-methods approach combining quantitative analysis of closed-ended questions with qualitative thematic coding of open-ended responses.

The sample includes professionals from diverse industries: Professional Services (37%), Government/Public Sector (21%), Education (7%), Energy & Utilities (6%), and others. Organisation sizes ranged from 1–50 employees to 10,000+. The majority of respondents hold senior roles including C-suite, directors, and managers, providing strategic leadership-level perspectives.

Data was cleaned to exclude incomplete responses, and all open-ended responses were anonymised to protect respondent confidentiality. Findings should be interpreted within the context of sample characteristics and limitations, including potential over-representation of Professional Services and senior roles.

About the Author: Philippe Borremans is a Crisis Communication Strategist and founder of RiskComms consulting with 25+ years of experience specialising in emergency and crisis preparedness. He has developed proprietary methodologies including the Universal Adaptive Crisis Communication (UACC) Framework. His work focuses on modernising crisis communication for interconnected, fast-moving scenarios where traditional approaches fail.