Nothing good happens after midnight.
When your home phone rings, startling you at that hour, you automatically leap to a worst-case scenario, as you take an instant mental inventory of your life: Where is everybody? Are the kids at home? Did someone die?
The same thing happens when a CEO gets a call off-hours or on the weekend. When the caller ID is the corporate attorney’s number, you can count on it being a problem so big, it can’t wait until the next morning. In my career as a CEO, I’ve had nine of those calls. I can recall every one of them.
Despite what some people may think, all organizations face their share of challenges and even the occasional crisis. The larger the organization, the more likely it will face a problem—somewhere in the world. Look no further than what General Motors is going through because of faulty switches in cars manufactured nearly a decade ago, which are now being recalled—and causing PR and legal headaches for the automaker’s current leadership.
Today, life in the cyberworld has made for some insidious situations that come, seemingly, out of nowhere. Late last year, a massive data breach at Target affected tens of millions of the retailer’s customers after credit card, debit card and personal information was stolen.
Every day, 800,000 new pieces of malware, malicious software designed to cause harm, are discovered. Among the latest threats is Heartbleed, which is making pulses pound with panic because of vulnerability in encryption code used by many popular Web sites—and not just social media. Regulators have told banks to plug the Heartbleed hole. Makes you wonder the next time you use your smartphone to transfer money out of your account. Is someone else doing the same—with your money?
Those ubiquitous devices we use to surf, search, post, comment, fan and fave—so indispensable, we spend a full two years of our lives staring at those little screens—suddenly make us feel vulnerable every time we log in (or attempt to change a password). Just watch the average airport security line, where the conveyor belt looks like a sidewalk sale at Best Buy, and spot the passenger who suddenly can’t find her iPhone or his Android. It’s a mad scramble until device and owner are reunited. It’s worse than losing your wallet.
The risks of cyberattacks have never been greater—or more common.
In the late summer of 2012, I was enjoying a quiet evening at home after a hectic schedule of international travel, when I received an urgent call from our corporate counsel. At that time of night, I knew this wasn’t going to be good news. I was right, unfortunately. Korn Ferry had been the target of a cyberattack.
“What?” I nearly shouted into the phone.
“We’re under cyberattack.”
This rapid-fire exchange went on for 30 seconds, as I wrapped my brain around what was happening. Then it was time for action.
When the unthinkable occurs, there’s no time to lose. The leader must trigger a launch sequence of response in accordance with leadership principles that were defined long before a call comes in. The more mentally prepared a CEO is for how to respond “when that call comes,” the more confident and clear the leadership in a crisis.
A CEO is always going to face unfamiliar problems and be put in tough first-time situations. Simply stated, there is always going to be something that you haven’t faced or dealt with before. Good leadership, though, adapts; applying previous experiences and lessons learned to the newest challenge (the essence of learning agility, which Korn Ferry considers a key predictor of leadership success).
During business hours or off-hours, onsite or offsite, on the job or on vacation, a CEO is always “on.” The buck stops on the leader’s desk. Even when a CEO is caught off guard on a Sunday night, he/she can’t say, “I don’t know.” The reality is the leader must have an answer. Leaders and their teams must be adept at setting and executing strategy, whether offensively or defensively. The leader weighs the options of all possible solutions—while taking into account all the permutations. Strategizing means preparing for the worst-case scenario—with alternatives when there are further “surprises” on top of the unexpected. It’s not enough to have a Plan B.
While cybersecurity is a relatively new entry on the list of all the things a CEO must worry about these days, the response to it boils down to timeless leadership principles. As a CEO, you are always going to face new challenges. Your leadership, in fact, will be defined by how you lead through the most difficult times—for you and your organization. Clarity and confidence come from preparation, from knowing what you will do and how you will respond when that call comes in—long before the phone ever rings.
For that reason, we focused much of this issue of Briefings on Talent & Leadership on the cyberworld – its malevolent underbelly, that is. In this issue, we interview Gen. Michael Hayden, a former director of the National Security Agency. The NSA is at the center of controversy with revelations that it has been listening in on conversations held around the world. But it is also the subject of a security breach of its own, as the story of Edward Snowden indicates. This creates a new tension—the watcher who is being watched.
David Berreby’s article, “Is it Spy vs. Spy or Me vs. I?” sums up that dichotomy clearly. In the new world of digital vulnerability, all of us play more than one role. We are defending our privacy while organizations we directly or indirectly support might be taking it away.
This issue also looks at Bitcoin, the controversy surrounding it and the mystery of who started what is rapidly becoming a global currency.
There is more to this issue than cybersecurity and new currencies. We also look at Wolfgang Puck’s culinary empire—and the attention he pays to the experience of dining. We also examine new ways of hiring relying on analytics and Brazil’s preparations to host the World Cup.
Even in this world of Spy vs. Spy, we are certain this issue of Briefings will surprise you.