Recommendation: Companies must invest in their processes, clarity of ownership (RACIs) and adequate staffing to cover the breadth of responsibility. Cutting corners on any of these three will ultimately result in friction, slowness and worse: increased risk to the company.
Problem 5: Ego
Leaders with too much/unchecked ego tend to make decisions focus on the short-term initiatives/gains or self-promotion rather than long term planning or sustainably reducing risk.
Analysis: Security, privacy and law are all domains that require a significant motivational fit to be successful. Ego can spur motives that do not serve a company well in the long run. Much of my discussion with my contributors circled back to a conflict of personality, largely tied to ego. Ego problems can exist in any function and play out in a number of ways that block progress.
A senior privacy leader in the airline industry shared that leaders with too much ego and the wrong motivations/incentives tend to lack the ability to create and drive enterprise strategy and sustainable operations. Their decision-making process tends to focus on the short-term initiatives/gains rather than long term planning and benefit.
Ego problems are difficult to “cure,” especially when leaders are more senior in the company or have a low EQ (emotional quotient) coupled with a high IQ (intellectual quotient). Big egos tent to lose trust, while personal trust and transparency are critical to a healthy partnership between functions.
Recommendation: Know the players involved and understand their motives. My Six Sigma training and certification included a process called political mapping. It involves diagramming an organization’s key leaders, levels of influence or conflict and dynamics amongst the teams. It enables you to create an informed stakeholder management and communications plan to maximize your chances of successfully moving an initiative forward. I’ve carried this tool (and many others) into my regular toolkit. You may not be able to change leaders, but you can attempt to manage them.
Time is money
No company has time for friction in cybersecurity and privacy. The stakes are too high and customer trust is on the line. The intentions and motivations across cybersecurity, privacy and legal stakeholders are likely coming from a good place. However, communications, understanding, tactics, process and ego can cause significant friction for everyone involved. When this happens, no one wins – especially the company and its customers.
Companies that take a little time upfront to invest in minimizing friction will see their speed increase significantly. If you have experienced challenges and need some “graphite” in your pocket to go faster toward your goal, remember these five things.
- Focus on building partnerships
- Enhance understanding of technology, use and controls to prevent misuse
- Find the right balance between operational goals vs compliance/documentation needs
- Drive towards defined, efficient and continuously improving processes
- Check egos: manage your stakeholders
Lastly, finding resources that have experience across security, privacy and legal can help you accelerate your efforts to reduce friction. Just like one dad asking another for graphite to reduce friction just before the race, it is never too late!