There is evidence that modern management techniques can make it more difficult to respond to a data security breach, writes Jonathan Armstrong, partner at international law firm Eversheds.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
Corporate crises of every shape are becoming more common. Maybe 10 years ago most senior business executives dealt with one or at most two major "bet the company" events in their time at the top. Contrast that with the life of some major business figures today.
For example, Willie Walsh at British Airways seems to average almost a crisis a month. We have had Heathrow's Terminal 5, a plane crashing at Heathrow, the aftermath of the Gate Gourmet dispute, increased fuel costs, substances found on a plane to Moscow, the banning of liquids, lost baggage, baggage handlers' industrial action, fog, the ban on employees wearing crucifixes, check-in staff industrial action, the attack on Glasgow airport, environmental protesters at Heathrow, price fixing on fuel surcharges and the resultant class action litigation.
This does not mean Walsh is at fault - many of these issues started before his watch - but it does mean that today's business leaders have to adapt to what would have been seven lifetime's worth of crisis in the old world.
It is not just the rapidity of these crises that have changed, but also the appetite and ability of the media to recycle old stories. Companies and government departments which have suffered one security breach always have that mentioned as a previous conviction when a second breach occurs. Breaches reported on the other side of the world find their way onto our screens within seconds, and vice versa.
The pressure to react to a breach is greater while at the same time we teach our leaders to be more consensual and to adapt a coaching style of management. Often these skills are not the best way of responding to a breach (or any kind of crisis).
Take the case of a major US corporation which suffered a security breach. One of the senior management immediately rolled their crisis plan into action and called all of the relevant people into the boardroom for a crisis meeting. He went around the table asking each member of the team what they thought the priorities were and what they would want people to do if they were in his shoes. He had remembered all he was taught on a "coaching the team" away day.
As he went around the room, one of the team saw a TV news van arrive in their car park. While the discussions continued in the boardroom, the van's antenna went up and the crew were in reception asking for comment. There were two main results. Firstly, the CEO had to appear on the TV news to explain what had gone wrong without a proper briefing from the crisis management team. Secondly, the consensual manager was sacked by the CEO issuing the immortal words: "You can't coach in a crisis."
Security breaches are "bet the company" incidents for many organisations. They need proper planning in advance, a detailed response plan and strong leadership. In times of crisis businesses usually prefer a Churchill to a Chamberlain. The true modern manager has to be able to adapt their style to suit the challenges they face.