Exponential advances in information technology (IT) are challenging industry and defense leaders with an increasingly complex climate. The growing density of the global information environment is rapidly outpacing our ability to understand and predict security risks associated with emerging technologies.
The need for a broad leadership approach that effectively addresses this phenomenon has become a national security imperative.
The world’s industries and governing bodies share a common characteristic — an ever-increasing reliance on connectivity. Governments, universities, grocery stores, energy grids, air traffic control, hospitals and even home kitchen appliances all sail the high seas of this global commons.
With perhaps the notable exception of those leading IT businesses, most industry executives advance to senior positions outside of cyber-oriented paths, cutting their managerial teeth in operations, personnel, business, engineering or financial domains. For these digital immigrants, the lack of a focused IT exposure has resulted in poorly timed cyberspace awareness.
Transdisciplinary leadership helps bridge this knowledge gap. It helps leaders of all industries build a coherent understanding of complex issues, improving decision-making by fusing pieces of information across dissimilar, stovepiped areas or disciplines.
So why is transdisciplinary leadership a national security imperative? The increased information interdependency between private and public sectors exposes everyone to cyber vulnerabilities, with cascading risks multiplied across the national security landscape.
Whether talking about cybercrime, terrorism, one government’s influence over another, industrial espionage or basic information sharing, all possess a relationship to the traditional diplomatic, informational, military and economic levers of national power. While IT acts as both a foundation and powerful enabler for these elements, a simultaneous introduction of malicious activities in cyberspace can quickly become a nation’s Achilles’ heel.
In April, the US Government Accountability Office stated that information security incidents reported to the US Computer Emergency Readiness Team doubled from nearly 30,000 to over 61,000 between 2009 and 2013. The Pentagon counts approximately 10 million cyber intrusion attempts daily.
Most recently, the diplomatic fallout continues for the May 19 US government indictment of five Chinese People’s Liberation Army officers on 31 counts of cyber espionage and criminality against six US companies.
Critical infrastructure vulnerabilities of networked systems, such as those used by power and utility, manufacturing, and mass transportation companies, expose other sectors to secondary risk. Yet, according to network security experts, power companies rank near the bottom of all US industries in cyber protection.
Gregg Steinhafel, the former chairman and CEO of Target, agreed to step down following a large-scale data breach affecting approximately 40 million credit card users in 2013. Although a 2014 IBM study places the average cost of a data breach borne by a company at $3.5 million, the Credit Union National Association and Consumer Bankers Association estimates those costs for Target now surpass $200 million.
An expanded transdisciplinary leadership style helps address cyber risk management, and the good news is that all need not become cyber subject matter experts. However, CEOs must possess a clearer understanding of cyberspace to effectively engage the CIO at the same level as the COO or CFO. You wouldn’t expect a captain, while lacking a degree in meteorology, to steer a 100,000-metric-ton oil tanker into a crowded port without incorporating the weather forecaster’s inputs.
Top leadership should expand transdisciplinary leadership by participating in executive-style cyber education programs and encourage the same for non-technical executives. All C-suite members must incorporate CIO inputs into the overall strategic picture.
Executives also must incorporate cyber-aware, risk management policies into strategic planning and interweave IT into day-to-day operations paying special consideration to multinational partnerships and mergers and acquisitions. Multi-industry risks will force cooperation among many partners, driving threat-sharing requirements with public and private entities alike.
Finally, leaders running IT companies should emphasize supervisory-level, transdisciplinary leadership by forming an inclusive climate for non-technical executive input. Incorporating digital immigrants into IT decision-making forums creates a richer variety of options, helps assess operational implications and avoids group think.
In the back-and-forth contest in cyberspace, perfect security is neither achievable nor affordable. Our common desire for cyberspace interconnectivity magnifies shared risk across all national security components. Transdisciplinary leadership is necessary for effective decision-making and risk management, strengthening the security environment and national resilience. ■
Kendall is a management and technology consultant, retired US Air Force brigadier general and former director of Warfighter Systems Integration, Office of the Secretary of the Air Force Chief Information Officer.