Stay connected: follow us on LinkedIn and explore more at
www.CherryHillAdvisory.com.
Lorem ipsum dolor sit amet consectetur interdum quam duis varius facilis.
Latest Blogs
No items found.
Follow Us
.svg){kind=small}
At a Coldplay concert, the stadium kiss cam landed on a couple who kissed to cheers from the crowd. A few hours later, the internet had identified them as Andy Byron, CEO of Astronomer, and Kristin Cabot, the company’s chief people officer. It went viral.
What followed: online speculation, memes, misinformation, and eventually a full-blown HR crisis. The couple were placed on leave. The CEO later resigned. Fake apology letters and statements from Coldplay themselves flooded social platforms.
The Guardian article rightly warns this wasn’t just about a workplace romance. It was about the unchecked spread of images and information, the collapse of consent, and the very real corporate risks tied to digital virality.
The kiss cam footage was filmed without consent. Internet sleuths identified the couple using open-source data. From that moment, control of the narrative was lost.
•Privacy lesson: In any public setting, assume cameras are rolling and identities are traceable.
•Corporate risk: Senior leadership should be trained on the reputational impact of public visibility—even outside the office.
No one from Astronomer made a statement before social media took control of the story. That vacuum allowed speculation, jokes, and accusations to shape the public’s perception.
•Risk management takeaway: Reputational risks need escalation paths just like financial or compliance risks. Waiting days to “investigate” before speaking up is no longer viable.
•ERM response: Integrate reputational threats into your risk register. If it’s not mapped and monitored, it’s unmanaged.
After the clip went viral, fake apologies, phony statements, and even fabricated Coldplay press releases were circulated.
•ERM and Internal Audit Implication:
• Is your company monitoring for misuse of your brand and leadership names online?
• Are your fraud, media, and legal teams coordinated on impersonation and fake content?
• Do you have a protocol for verifying and correcting misinformation?
This event raises questions around power dynamics, workplace relationships, and the perception of favoritism.
• Internal audit teams should ask:
• Are executive conduct policies clearly written, communicated, and enforced?
• Is there a separate, independent reporting path for potential leadership misconduct?
• From a board governance angle:
• Was the audit committee or risk committee informed fast enough?
• Did management act swiftly and consistently with policy?
This risk didn’t originate within the workplace—it happened at a concert. But the reputational fallout landed squarely on the company.
•ERM lens:
• Include off-site or third-party settings (like events, conferences, and public appearances) in your risk scoping.
• Include employee behavior at external events in your code of conduct and crisis response planning.
What tools does your company use to track viral mentions, impersonation, and trending stories involving your name or executives?
•Internal Audit priority:
• Test crisis communications readiness.
• Review social listening capabilities.
• Assess roles and responsibilities across communications, HR, and legal for these events.
This wasn’t just an awkward kiss. It was a failure in preparedness, digital monitoring, policy clarity, and crisis execution.
For internal audit and ERM leaders, it’s a reminder: reputational risks are business risks. And they move faster than most companies are ready for.
If you’re not asking how your company would respond to a similar moment, you’re already behind.
At a Coldplay concert, the stadium kiss cam landed on a couple who kissed to cheers from the crowd. A few hours later, the internet had identified them as Andy Byron, CEO of Astronomer, and Kristin Cabot, the company’s chief people officer. It went viral.
What followed: online speculation, memes, misinformation, and eventually a full-blown HR crisis. The couple were placed on leave. The CEO later resigned. Fake apology letters and statements from Coldplay themselves flooded social platforms.
The Guardian article rightly warns this wasn’t just about a workplace romance. It was about the unchecked spread of images and information, the collapse of consent, and the very real corporate risks tied to digital virality.
The kiss cam footage was filmed without consent. Internet sleuths identified the couple using open-source data. From that moment, control of the narrative was lost.
•Privacy lesson: In any public setting, assume cameras are rolling and identities are traceable.
•Corporate risk: Senior leadership should be trained on the reputational impact of public visibility—even outside the office.
No one from Astronomer made a statement before social media took control of the story. That vacuum allowed speculation, jokes, and accusations to shape the public’s perception.
•Risk management takeaway: Reputational risks need escalation paths just like financial or compliance risks. Waiting days to “investigate” before speaking up is no longer viable.
•ERM response: Integrate reputational threats into your risk register. If it’s not mapped and monitored, it’s unmanaged.
After the clip went viral, fake apologies, phony statements, and even fabricated Coldplay press releases were circulated.
•ERM and Internal Audit Implication:
• Is your company monitoring for misuse of your brand and leadership names online?
• Are your fraud, media, and legal teams coordinated on impersonation and fake content?
• Do you have a protocol for verifying and correcting misinformation?
This event raises questions around power dynamics, workplace relationships, and the perception of favoritism.
• Internal audit teams should ask:
• Are executive conduct policies clearly written, communicated, and enforced?
• Is there a separate, independent reporting path for potential leadership misconduct?
• From a board governance angle:
• Was the audit committee or risk committee informed fast enough?
• Did management act swiftly and consistently with policy?
This risk didn’t originate within the workplace—it happened at a concert. But the reputational fallout landed squarely on the company.
•ERM lens:
• Include off-site or third-party settings (like events, conferences, and public appearances) in your risk scoping.
• Include employee behavior at external events in your code of conduct and crisis response planning.
What tools does your company use to track viral mentions, impersonation, and trending stories involving your name or executives?
•Internal Audit priority:
• Test crisis communications readiness.
• Review social listening capabilities.
• Assess roles and responsibilities across communications, HR, and legal for these events.
This wasn’t just an awkward kiss. It was a failure in preparedness, digital monitoring, policy clarity, and crisis execution.
For internal audit and ERM leaders, it’s a reminder: reputational risks are business risks. And they move faster than most companies are ready for.
If you’re not asking how your company would respond to a similar moment, you’re already behind.
