Calm in the Crucible
On July 12, 2006, fighting between the Israeli army and the Lebanese militant group Hezbollah suddenly erupted and started to spread. Hezbollah fired rockets and anti-tank missiles; Israel responded with airstrikes and artillery fire, and later launched a ground invasion of southern Lebanon. The 2006 Lebanon War raged on for 34 days before the United Nations brokered a ceasefire.
I received word of the fighting shortly before the news reports hit. I was GE’s divisional global security director at the time, based at the corporate headquarters building of General Electric (GE) Healthcare in Waukesha, Wisconsin. I was responsible for the security and wellbeing of employees at more than 600 properties around the world, including three sites in Israel and one in Lebanon. Calls were coming in from both sides of the battle; many employees were at risk of losing their lives.
However, as the war entered its tenth day, we had relocated more than 1,000 employees and family members out of harm’s way, with the help of our corporate executive team and several strategic partners. This wasn’t an easy task. We were able to continue basic operations with minimal losses in Israel, but all activity in Lebanon came to an abrupt stop. What further complicated matters was the U.S. government’s refusal, or inability, to assist with any form of safe passage from Lebanon. Still, we were able to complete relocations by using several dangerously remote and unpopulated routes to reach Jordan through Syria.
An event of this magnitude—an actual war—is difficult to navigate, and can be wholly draining. While the war crisis proceeded, the company continued to operate, so long hours were a requirement. For three days after that first call, I didn’t get many chances to sleep.
Managing a serious crisis as a group leader can be stressful, both physically and emotionally. It is crucial to recognize that your effectiveness in successfully leading others will diminish if you openly demonstrate indecisiveness, emotional frailty, and operational ignorance during the event.
But it is also important to realize that crisis leadership begins long before the actual crisis occurs. The right preparation is essential for being an effective crisis leader, and for a security executive this groundwork can start from day one on the job. By focusing on preparation, and by consistently practicing certain management best practices, managers can greatly improve their chances of being an effective crisis leader. This article explores these practices and preparation, including building technical expertise, assessing situations, developing relationships with key stakeholders, and training for emergencies.
Build Expertise
Knowing the business you support is the most critical factor to your success as a crisis management leader. Thus, if you’re new to an organization, you should dedicate as much time as possible in your first three months to learning all you can about every facet of the business—from sales to production to market share—and meeting the people who are the driving forces in those areas.
In my career, I have had the opportunity to manage security programs for several companies in completely different vertical markets. Each market change required extended study time. There’s a huge variance in the operational methodologies of security programs at a hospital and a nuclear power plant, for example. Although the core principles of security can be applied to any industry, each line of business retains its own unique characteristics and regulatory framework.
Besides operational knowledge, you must also develop relationships with most of the key process and resource owners who support the business’s primary missions. Once those relationships are established, you should then strive to understand the secondary and tertiary levels of operations, resources, and personnel necessary to keep the business going.
In addition, you should also learn some basic business continuity planning skills and conduct a few business impact assessments. These will allow you a fuller understanding of the potential vulnerabilities and the gaps that may exist in business operations, the contingency plans themselves, and the resource base that will be available when a crisis occurs.
However, conducting a business impact assessment of your company can be a daunting task if you attempt to assess the whole business in a single review. And it can be almost impossible to complete without the full cooperation of nearly everyone in your company. Instead, consider focusing on key revenue streams, products or services that define the company, and significant vulnerabilities that could interrupt these streams and services—such as the sudden loss of a single-sourced major component, a labor disruption, or a stoppage in distribution channels. Even if the assessment seems to have little to do with traditional security activities, it is a great way to learn about the inner workings of your company.
For example, after the Great Tohoku Earthquake struck Japan on March 11, 2011, I was working as a security manager at Paramount Pictures. Due to the earthquake, almost all of the film industry’s specialized magnetic recording and video storage tape became unavailable. Sony, with its entire tape manufacturing business located in Japan, was the exclusive maker of such tape, and its production stopped cold.
This was a supply chain crisis for sure, and we at Paramount were scrambling for tapes. Fortunately, our security team had enough operational and business continuity knowledge to know where to look and who to call. By volunteering to help secure tapes for the many television productions on the lot, our team knew where to find hundreds of new and reusable tapes in dozens of secure storage locations. It was like an Easter egg hunt gone wild. Armed with this knowledge and with very little effort, the security department was able to secure dozens of the remaining tapes, which kept our production teams going until other recording methods were found.
Sometimes, it takes great effort to avoid being constrained into a departmental silo and stuck in the dark when it comes to internal business workings. But the effort is worth it. Get out there and mingle, don’t be afraid to ask questions and build relationships and alliances. Learn the business so you can contribute to its survival.
Assess Situations
Another important component of crisis leadership preparation is staying current on domestic and international events, especially if your company is a global one. Third-party providers of intelligence and communications services can be useful here. Many of these providers even offer crisis forecasting by region and country to keep your team abreast of problem areas.
This global understanding, combined with business knowledge, will allow you to see the big picture and anticipate which operations might be interrupted if a crisis starts to unfold.
Moreover, demonstrating this knowledge improves your chances of being part of the inner circle at your business. For example, as a matter of practice, GE security leaders routinely gathered for periodic operational continuity development sessions. In these meetings, we shared intelligence derived from in-country leaders, paid global intelligence services, and geopolitical analysts. At the first signs of trouble—what we called “a smoldering issue”—the affected business units were identified, and key revenue processes were analyzed for potential impacts and vulnerabilities.
Often, a smoldering issue has the potential to challenge several exposed operational and distribution channels, and the material or human resources they contain. Thus, effective coordination and communication is critical during these initial stages.
Develop Relationships
With sufficient business knowledge and a global understanding, you will be in a position to advise the C-suite on events once a crisis starts to unfold and help your firm be active rather than reactive.
However, this cannot happen if organizational leaders reject an inclusionary approach when it comes to crisis leadership. For example, early in my career, the company I worked for decided to move forward on a major acquisition—the purchase of a competitor’s remanufacturing division. In general, not all security departments are included in every C-suite function; some do not get much visibility into major corporate decisions. This held true in our particular case because the security team was not part of the company’s diligence support team. Furthermore, the security team was not included in the company’s crisis response team, which consisted mostly of legal and financial leadership, supported by communications and customer relations staff.
As a result, the security team was unable to flag any discrepancies that might have shown up in the due diligence process. The division that was purchased turned out to be a fraudulent shell company. When news of the bad purchase reached the press a few days later, our firm suffered a severe financial loss and some reputational damage to its brand.
The incident illustrates the importance of maintaining a wide representation of all business functions on a crisis management team. By emphasizing teamwork and relationship building, a manager can help develop and maintain collaborative channels that will be invaluable during a crisis. Moreover, a well-structured and collaborative crisis management team can incorporate the use of predictive tools, such as event forecasting and analysis, that maximize the chances of avoiding a crisis in the first place.
Even so, if a crisis does occur, successful collaboration between many stakeholders is usually a prerequisite for formulating an acceptable and viable solution. An effective crisis management leader knows where to go to seek out advice from others when considering options to present to company leaders. While it is often necessary to quickly provide solution options during a crisis, it is also advisable for managers to carefully consider all security-based spending decisions, which can sometimes be driven more by fear than by reason after a major event
Once options have been considered and a response plan is approved, a manager needs strong interactive leadership skills to ensure that others buy in and follow the course laid out. As the example of the shell company purchase shows, a collaborative effort can be quickly derailed by preventing a single department, which might hold a critical part of the solution, from participating.
Train
Good leaders make intelligent decisions; great leaders do so consistently. The combination of business operations knowledge and current event understanding will help a security leader make better decisions.
But in the final analysis, leadership is not about making the best decision possible in every instance, or about always being the smartest person in the room. It’s ultimately about your ability to earn the trust of others to the point where they will willingly follow you. Here, effective communication is vital.
In July 2005, four suicide bombers armed with rucksacks full of explosives detonated bombs on the London Underground that killed 52 people and injured hundreds more. Within four hours of the bombings, our security team at GE Healthcare was able to quickly identify—from a pool of roughly 45,000 employees —that 483 were confirmed or expected to be traveling in or about London that day for work. Using our mass communication system, we located all but nine employees on business travel that were in London or had passed through London within an eight-hour window of the bombings.
By other means, we quickly confirmed that the remaining nine travelers were safe. Additionally, some of our employees on personal leave and vacation were traveling in London that day. Because those employees had included their private cell phone numbers in the company’s emergency notification system, we were able to receive confirmations that they, too, were safe.
On the other hand, sometimes crisis pressure can lead to costly communication errors. Take for example, one of the most high-profile crisis situations in recent memory, the 9/11 terrorist attacks. After the planes hit the towers, one senior security manager of a major corporation in New York was overheard saying, “We’re being attacked! I don’t think anyone’s gonna make it out of Manhattan!” The comment started a panic in the entire office building, which took hours to calm.
The example shows that even accomplished managers can succumb to pressure. However, specialized crisis management leadership training can be invaluable in reducing the chances of this happening. Communication is often an important component of this type of training; many programs provide guidance on how bad news can be communicated without embellishment, panic, or fear, and how correct communication can provide stability and hope by demonstrating a confident resolve—indicating that something is being done immediately, or will be in the near future.
In addition, crisis training helps managers better understand the anatomy of a crisis, which is an essential element in remaining rational and functioning calmly. Drills can help build response memory, which in turn helps a leader avoid freezing or panicking.
In cases where in-house crisis training is unavailable, security managers should consider building their own training. With a little research online about crisis management planning, managers can first assemble the basics: contact sheets, resource directories, contingency plans, meeting schedules, and organizational charts. Then, with help from both the legal and human resource departments, the manager can coordinate partnerships with local emergency service and communication providers, and design some crisis training exercises.
Becoming skilled at anything takes practice, and crisis management leadership is no exception. If you ever find yourself in a room filled with managers trying to solve a major problem, don’t be shy; step up to the plate and share your knowledge and experience, and contribute something. This will build on your experience base, and allow you to practice being in crisis situations.
In the end, the best coaches are those who prepare, know the rules inside and out, and can lead their players strategically. Stopping in the middle of a crisis to learn more about the business, means you haven’t learned the business well enough and you aren’t prepared to lead.
Clint Hilbert is the owner of Corporate Protection Technologies, a North Carolina-based private investigation firm. He has served as a security executive for General Electric, Pacific Gas and Electric, and Paramount Pictures. Earlier in his career, he was a commander of protective services for the U.S. Delegation to NATO for the U.S. Army Criminal Investigation Command.