CEOs Are Unprepared for a Second Wave
A conversation with security analyst Micah Zenko on how leaders can get better at planning for risk.
Micah Zenko is a national security analyst and the director of research and learning at the McChrystal Group. He has worked at the State Department’s Office of Policy Planning, Harvard University’s Kennedy School of Government, and as a senior fellow at the Council on Foreign Relations. For transparency, the McChrystal Group is an Atlantic 57 client.
Zenko recently spoke with Merrill Wasser and KC Sledd of Atlantic 57 about how businesses have underinvested in risk planning and how they can better prepare for crises.
This interview has been shortened and edited for clarity.
You’re an expert on Red Teaming, which is when a group helps an organization improve by providing an opposition point of view. Why is Red Teaming important?
The fundamental reason Red Teaming is needed is that you can’t grade your own homework. You should not trust anybody’s assessment of their own performance. The people who develop plans are the least likely to see problems with them. It’s inherently difficult to challenge your assumptions.
There are also two key pressures: One is groupthink, which is when you work with people over a certain amount of time and you start to think alike. And the second is hierarchy—we care tremendously what our bosses tell us.
Red Teaming is a management tool to overcome these inherent biases. It changes the frame for how you talk about problem sets by using a series of techniques, such as devil’s advocacy and simulations. The idea is to think through all the ways things could go right or wrong so you’re further ahead of the curve.
How could business get better at inviting contrarian perspectives within a hierarchical ecosystem?
In every organization I’ve ever studied, mavericks get hunted down and killed. And the reason is mavericks cause doubt and skepticism about a product, a process, or a plan.
What organizations have to do is recognize that dissenting and novel viewpoints are essential for any organization’s performance. The way you stay ahead of the curve generally is to be extremely agile, adaptive, and willing to listen to new ideas and to pivot markedly. If you’re not an organization that creates a degree of psychological safety, where people can be themselves and share information with senior leadership, the organization tends to become static and hidebound.
You mentioned the importance of psychological safety. How do leaders create more psychological safety in the workplace?
Most senior leaders say, “My door is always open. Anyone can come and tell me bad news.” If you’ve ever worked anywhere, you know that’s not true—nobody actually feels that. If you’re a senior leader, you have to go out and actually solicit information that challenges your viewpoints.
I don’t recommend formal mechanisms, because things like suggestion boxes and internal wikis are often a replacement for normal conversations that should be had anyway. But also, just do what’s called “MBWA”—managing by walking around. A lot of really successful senior leaders walk around to solicit ideas informally that people don’t want to go through normal chains and meeting structures to present.
The final thing is, as a leader, you have to call attention to your own shortcomings and failures. If you project that image of perfection and you keep your failures or your shortcomings hidden from the rest of your team, they will perceive it as their responsibility to do the same.
Sign up for our Altered newsletter
Every week we bring you data and insights to navigate a rapidly changing brand and consumer landscape.
Are there mistakes leaders make when they’re planning for risk?
The biggest thing they don’t do is empower their team and align around risk. Most risk analyses are often just check-the-box exercises, and leaders aren’t really talking to their team about what risks they see. And if you’re not aligned around the risk tolerance your organization has, people will hold back.
You also have to collect the information when it can be helpful and timely. If you think about risks the day before a new product’s going out the door, it’s too late. The time to do this was when the product was in the early phase of development.
There’s a fake military acronym for how organizations make final decisions, called BOGSAT. It means “bunch of guys sitting around table.” The boss comes in, people have seen a slide deck, and the boss says, “what do you all think?” You’re going to get nothing, because groupthink has taken hold and it’s too late. Smart leaders get ahead of it. They’re solicitous of input, they work consistently throughout planning cycles and product rollout cycles, and they’re willing to adapt and change.
Let’s talk about the pandemic. On the whole, how well do you think the business world was prepared to deal with the effects of COVID-19?
I think it varied. Many organizations are experiencing COVID very, very differently. Overall, if I had to just give it a grade-level assessment, it’s a C minus. And the reason is, companies don’t want to do crisis planning. It’s always sort of nice to do, but it’s a cost center that doesn’t generate income. The smart ones who had done crisis planning and contingency planning I think have responded a lot faster, but that’s very few companies.
There’s talk of the virus being cyclical and the potential for a second wave to hit us later this year. How should businesses be planning for that now?
We’ve been talking about what we like to describe as a “restart checklist”—how are you going to reopen, re-engage, and re-emerge with the marketplace you normally serve? When are you going to open your doors? What will that look like?
Everyone’s thinking about the combination of how and when, because if you start too late, you’re going to be behind the curve and your competitors are potentially going into markets that you might have owned before. But if you start too early, you accrue the risks of inducing reinfection rates to your workforce and potentially your customers or clients. And then you’re dealing with absenteeism, moral issues, legal liability, and reputational risk.
As someone who studies risk, what is one thing you recommend we all spend less time planning for? And one thing you recommend we spend more time planning for?
Spend less time planning for things that are outside of your control that you don’t have agency over. Spend more time on things that you have agency over, and that primarily is your people. If I had a hundred pennies, I would spend more of them on my people than I would on any concerns about the external environment.
The final thing I’ll say is, thinking about internal risk is the hardest thing to do. It’s like therapy, where you have to be willing to make that self-assessment and internally diagnosis yourself. A lot of organizations put it off until some point in the future, and then it becomes a crisis. Focus in-house before you go out-house.
Vice President, Strategic Growth
More from Altered
SVP, Experience Strategist
Vice President, Product