Thou shalt question accepted wisdom
The Ten Commandments of Leadership can take security executives far, but they are not above scrutiny.
Many leadership principles are so commonly articulated they’re practically dogma.
If there were a Ten Commandments of Leadership, they might go something like this:
- Lead via influence, not authority
- Hire people who are smarter than you
- Display a bias for action
- Credit successes to others, accept blame personally
- Act with integrity
- Have a vision and inspire others with it
- Trust and empower your team
- Practice and encourage continuous learning and development
- Keep things simple
- Embrace failure
They seem inviolable. But are they?
Like the actual Ten Commandments, people preach some of them in public but repudiate them in private. Doing so may be hypocritical, but it may also be savvy. After all, coveting what thy neighbor has, a scriptural no-no that shows up in two separate Commandments, is essentially the foundation of capitalism.
Consider “Hire/surround yourself with people who are smarter than you.” I’ve had many frank discussions with colleagues, at all levels of the corporate hierarchy, who pay lip service to that maxim but don’t follow it. The expectation is that you will be rewarded for your selfless and sage hiring. But what if your boss doesn’t see it that way?
“I’m afraid my boss will see that they are more intelligent than I am, and they will be promoted above me or retained at my expense when there is a reduction in force,” one security executive told me. He added that he feels secure enough to hire people who are smarter than him in specific areas — such as technology or accounting — but not in such areas as security, risk management or general business knowledge.
"Failure works only when it is followed by improvements and iterations that get closer to the goal.”
Or how about “Credit successes to others, accept blame personally.” In one organization, a rival vice president, let’s call him Rick, was undermining the Vice President of Security, we’ll call her Lydia, by using Lydia’s acceptance of blame for security staff failures (which weren’t major) against her. A direct report of Rick eventually told Lydia that Rick was threatened by Lydia’s close relationship with the CEO and was using her own words and leadership qualities against her. By reporting only Lydia’s errors but not her successes — which she ascribed to her team — Rick had eroded that bond so much that the CEO encouraged Lydia to find a new job. The CEO eventually fired Rick when he learned how Rick had manipulated him, but the damage was done.
Next, having a “bias for action” works for entrepreneurs, fast-moving businesses, and cases in which data is available, decisions are reversible, and/or time is of the essence. Leaders should be aware that bias for action can also be considered a cognitive bias, which is a negative. In those cases, people follow their impulse to act absent sufficient analysis, data or alignment with set goals.
Target often installs anti-theft technology on its shopping carts so they can’t be taken off the premises. In at least one location, however, the system was installed without setting the proper perimeter. In December 2022, a TikToker posted a video of shoppers struggling with full carts whose wheels had locked up far from their vehicles. The post went viral, amassing more than 500,000 likes, 14,000 comments and 15,000 shares. That’s a reputational hit Target would like to have back but for a bias for action.
Finally, there’s “Embrace failure.” It’s almost anathema to question that shibboleth. Countless articles, reports, courses, webinars and other media tout the virtues of failing spectacularly, failing fast and so on.
The problem is that tolerance for failure and learning from failure — which are good things — are far different than expecting to fail because you have a safety net or expending company resources on an effort that has little chance of succeeding. Failure works only when it is followed by improvements and iterations that get closer to the goal.
By all means, embark on a moonshot if you can. Just make sure that the organization will benefit from the effort and its multiple iterations — perhaps in development of new technologies, processes and skills — if the ultimate goal isn’t achieved.
The Ten Commandments of Leadership — or maybe there are seven, 15, or 24 — originate from research, experience, anecdotes and other sources. They all contain wisdom and truth.
But they are not religious doctrine, and security leaders should understand what these principles mean and examine them closely rather than adopt them as articles of faith.