In 1986, Space Shuttle Challenger broke apart 73 seconds after launch because of a failed O Ring that employees of NASA had earlier highlighted as a risk. Investigation into the tragedy revealed that NASA’s employees tried to sound the alarm before launch. For various reasons, they were not heard and seven people lost their lives.
The story of Challenger has been studied and dissected by every business school class, as an example of how the culture of silence is an overwhelming threat to an organization.
Today’s complex healthcare industry uses the story of Challenger to raise awareness of the importance of psychological safety, allowing healthcare workers to challenge each other in the name of patient safety and quality.
Now we learn that former employees of Home Depot’s technology team warned leadership about the vulnerability of their data. They pointed to outdated security protocols and a laissez faire attitude toward the growing security threats made public by the Target invasion.
After the Target theft, The Home Depot engaged cyber security specialists to protect their systems, but the thieves were already there, resulting in the largest data breach in retail history.
From the NY Times article,
“Several former Home Depot employees said they were not surprised the company had been hacked. They said that over the years, when they sought new software and training, managers came back with the same response: ‘We sell hammers.’”
Corporate Social Responsibility
We are not talking about the local hardware store down the street, where we know the owners, and stop by to chat for a while.
This is a mega-publicly traded-company that has no right to “only sell hammers.” If they don’t realize that their information technology security is also a product that they sell to their customers, they’re sadly mistaken. Well, I suppose it is us that is sadly vulnerable.
Just as the old “mom-and-pop” hardware stores accepted a social responsibility within their community, these mega-stores have the same responsibility, just on a scale that is almost unimaginable.
Why in heck do you even have a Technology team if you think they are not part of your product offering, if their role is just to stay in the background and keep the systems running?
It’s the people, stupid
Large organizations today are as complex, if not more, than the government. Leadership of these large organizations is an awesome responsibility. Yet we still haven’t gotten the message that the key is in understanding the people, their behavior, the culture, and how people interact with each other.
No matter how good financial, technology and operational systems are, it’s the people that make them work. Or not.
We continue to minimize the people aspect of organizations, in business schools, and in practice. We spend hundreds of thousands of dollars on programs that will engage and motivate people, but we ignore the very reason people become unmotivated and unengaged….because they don’t have a voice with leadership.
Every single employee in every single organization has something of value to say. They may not be articulate in expressing their thoughts, or they may be timid in using their voice. It is the responsibility of leadership to help them find their voice.
Back to Leadership
And so it all comes back around to leadership. Employees are most likely to open up to those leaders that they are closest to. Those leaders need to be able to establish trust and psychological safety. But the leaders above them need the same qualities. Regardless of the leader bringing issues or concerns to the table, if that leader is deemed to have a role in the organization, then must have a voice.
I continue to shake my head with all of the money spent on engagement and incentive programs, when the answer is in leadership.
Leaders who know how to build trust and commitment in their teams, and executives above them who create the platform for effective organizational communication, are the only real answer for today’s mega-companies. Without trust and commitment at every level, the organization is vulnerable. And today’s organizations cannot afford that vulnerability. It is their social responsibility to protect the customer.