As we approach the end of the year, and are seriously thinking that adding rum to out-of-date egg nog is a good idea, it might be good to look back and review the lessons we learned from some bad decisions. We can only hope that someone will learn from them instead of repeating them (that’s my Christmas wish, by the way). So let’s talk about the big takeaways.
Hiring a CEO from a different industry with little experience will end badly
From Carly Fiorina to Merissa Mayer, the one big lesson we should finally get is that an inexperienced CEO who doesn’t even come from the same technology area doesn’t magically become successful if they are a minority. I get that we don’t have enough women in tech, I do, but sticking a woman in a job she can’t succeed at is just as stupid as sticking a man in a job he can’t succeed at. You don’t get a pass because you were an equal opportunity screw up.
Seriously, either pick an experienced CEO or pick someone that understands the industry, don’t go for the trifecta of lack of experience in both and adding diversity for that little extra degree of difficulty. We go through a lot of trouble to pick qualified people for far lower-paying less critical jobs, maybe we should do the same for the top spot? Then again we’d likely miss all the drama.
[ Related: 4 attributes that make a CEO successful -- What Fiorina and Trump can learn from SWOT -- Meg Whitman’s 4-step guide to killing acquisitions ]
Being a public corporation is suicidal
We saw a number of companies go private over the last few years. Pretty much all are in far better shape now than they were when public. You’d think that would give folks a tad more pause when it comes to going public in the first place. I get that this seems like easy money, but the massive cost of regulatory compliance plus having to deal with “activist investors” who want to spike valuation at the cost of long-term survival isn’t worth that benefit.
Being public seems to lead to just really stupid things, like breaking a company painstakingly built over decades apart, or spending the firm’s cash reserves on dividends or stock buybacks. Either resist the stupid stuff, Google and Facebook were structured to avoid this kind of foolish influence, or don’t go public in the first place. Trading off a firm’s future for a few points in temporary stock value isn’t particularly brilliant.
Not closely managing permissions
From the Sony breach to Eric Snowden, we should get that permission management is a critical survival skill. The inability to effectively manage permissions cost the Sony pictures CEO her job and set U.S. diplomacy back more than the Trump candidacy has (though that’s getting close to changing).
[ Related: Awareness lessons from the Sony hack -- Intelligence Community Works to Get Beyond Snowden Stigma ]
Given the goal of most attacks is to gain access to our critical customer, intellectual property, financial or personal data, and that firms large and small and governments have been hit you’d think everyone and their brother would have some form of robust permission/access management service or product in place to protect aggressively against this kind of attack. But nope, this is still more of an exception than a rule even though a breach like this could cost a CEO his or her job. There aren’t a lot of CIOs who survive getting their CEO fired.
[ Related: How to stop the security breach tsunami ]
Putting data acquisition before analysis
One of the most annoying things to watch this year was the San Bernardino attack post analysis. It turned out that much of what law enforcement needed to prevent the attack was on social media and not protected. Yet instead of focusing on doing more with what it legally has access to, the U.S. government focused on collecting more information. This, unfortunately, is far from uncommon because big data as a concept got well ahead of intelligent timely analysis.
