A recent event over the holidays, the failed terrorist attack on flight 253 from Amsterdam, has predictably resulted in a flurry of activity by politicians and pundits to foist new “security measures” unto the public to assuage our fears of the boogey man boarding airliners. As most people know, these measures accomplish nothing to actually increase security but rather they are an attempt to make us feel that someone is actually doing something. It is strictly public relations.

The other morning I read a terrific piece by one-man security think-tank Bruce Schneier written for CNN. It serves as a terrific introduction to what is known as security theater. From its Wikipedia entry:

Security theater has been defined as ostensible security measures which have little real influence on security whilst being publicly visible and designed to demonstrate to the lesser-informed that countermeasures have been considered. Security theater has been related to and has some similarities with superstition.

Now, let’s transpose this to Information Technology.

Recently I had the opportunity to consult for a start-up company in a very nascent and competitive sector in the virtualization marketplace. Their product is a virtual desktop solution based off of a completely proprietary protocol stack and driver suite. It’s very cool stuff, and very complex. This provided their senior management team with a number of challenges wherein we can draw parallels to security theater.

Since no metrics yet exist to quantify the entirely subjective nature of a user experience or satisfaction index (the first company to reliably demonstrate a workable metric will dominate more than just the virtual desktop market), senior management drew some downright bizarre conclusions about root causes of unhappy users experiencing application crashes, iTunes running sluggishly, Excel scrolling too slowly, etc. Their analysis resulted in a firm commitment to a belief that the software being developed by the engineering team was infallible, Apple and Microsoft products are bug-free, and that the undeniable cause of all issues was that IT personnel did not participate in this illusion.

The problem this created was an entire department, IT, left trying to consider how to inform overly-experienced management (there is such a thing) that managing expectations is entirely different from managing perceptions. Feigning concern for non-existent problems in order to assuage worries about product performance does a disservice not only to employees, but ultimately to the shareholders. However, it does fall right in line with the meme that perception is reality. Once you buy into the meme, it’s not such a leap to start to believe that creating perceptions creates reality; a concept which is very popular, but not even consciously realized, in larger companies.

Perception: The IT department is terrible.
Reality: Brand new, highly complex software still under active development has the potential to crash and create problems.

Perception: Taking my shoes off at airport security makes me safe.
Reality: Terrorists also wear underpants.

The unfortunate nature of this resulted in directives more fitting for mature, large companies than those just scratching the surface of their growth stage. It’s incredibly cynical to say, but it’s also incredibly accurate: Forgo actually solving problems, but make sure you create the impression that you are. If everyone does this, then everybody is covered, and everybody’s jobs are safe. Create the perception, create the reality. This is management theater.

The longer this behavior is allowed to linger (especially in senior management), the more and more institutionalized it becomes. It can be very challenging to dig a company out of its effect.

As a business leader (and let’s never forget that you are part of the team, not the team itself) if you suspect you have a problem, you need to step back and interface with people outside of management. Get a feel for what issues can be addressed proactively before they become severe. Do you have a member of the management team who is blaming rather than addressing? Cut them loose before it’s too late for yourself and your shareholders.

I was recently interviewed by the IT-Finance Connection to discuss some of the common issues facing business leaders when it comes to technology direction and strategy. We briefly hint at our Five Questions concept and how it can help start-up and growth companies better prepare for their futures. You can listen to the interview right here.

(more…)

I received an email today from fellow IT pundit Robby Slaughter referencing a previous post of ours which dealt with an article in CIO Magazine. Our original article, titled “Nine Reasons Why IT Personnel Think Their CIO is Clueless”, expounded on some of what we felt were key failings of many CIOs in today’s management environment. Robby took it one step further and, with his acerbic sense of humor, essentially re-wrote the original CIO article to point out areas he sees as actual incompetence instead of principle abstracts.

(more…)

“My company faces technology issues all of the time, but my IT budget seems to run wild with consultants, capital expenses, and personnel training!” For most businesses leaders we’ve met with, this statement sums up their entire view of (and frustration with) IT. Even if they do not immediately see issues and have just a general feeling of malaise with their IT efforts, after we go over our five questions it begins to crystallize. I personally feel that this desperate statement is cried out not only due to a misunderstanding of the role of IT, but can also be due to either lack of or downright ineffective IT management in their organization.

(more…)

This morning we stumbled across an excellent article from CIO Magazine. While it focuses primarily on Application Developers, we believe it applies to IT across the board. We’ve seen these so-called “9 Reasons” violated at many an organization, much to their detriment and dismay.

(more…)

One of the sad realities that I witness almost every day is when genuinely good IT people are overlooked by inexperienced management or human resources teams. Or, these existing good people find themselves being shown the door due to their manager’s inability to work with technologically-minded people. This happens extensively in the realm of growth companies and even in some start-ups. The push to become big and behave as a bureaucracy sometimes becomes incorrectly perceived as tantamount to success.

(more…)

I have been spending a lot of time talking about “progressive business and technology solutions”, but what does this really mean? What is a Virtual CIO? How does it help the small- to medium-sized business?

In other words, how does a Virtual CIO increase your business’ competitiveness in today’s marketplace?

(more…)

When I meet with potential clients for the first time, the first thing I always do after going over pleasantries and introductions is to dive right into the heart of what we’ve identified as the “five questions”. It’s not a sales pitch at all. We don’t consider ourselves to be sales people and our clients never have to deal with sales people or account executives or whomever; rather they deal directly with their Virtual CIO. Nevertheless, what these five questions do is get people to think about their views of IT and give them an alternative way to approach technology in their environment.

(more…)

The Chief Information Officer (CIO) is the person in an organization who is responsible for the information technology and computer systems that support enterprise goals. As information technology and systems have become more important, the CIO has come to be viewed in many organizations as a key contributor in formulating strategic goals. Typically, the CIO in a large enterprise delegates technical decisions to employees more familiar with details. Usually, a CIO proposes the information technology an enterprise will need to achieve its goals and then works within a budget to implement the plan. Typically, a CIO is involved with analyzing and reworking existing business processes, with identifying and developing the capability to use new tools, with reshaping the enterprise’s physical infrastructure and network access, and with identifying and exploiting the enterprise’s knowledge resources.

(more…)