Our best ideas, quick and curated | April 1, 2022
|
Given the geopolitical tensions surrounding the conflict in Ukraine, it’s a good time to remind companies that cybersecurity planning is crucial. Plus, new funding that could help quench US water needs, and a McKinsey senior partner and heavy-metal guitarist on the lifelong joys of rock ‘n’ roll. |
|
|
It’s the call that CEOs dread. A ransomware attack has been launched against the company, vital files have been encrypted, and paying a hefty ransom is the only way out. What used to be considered a fringe threat is now anything but. According to some estimates, ransomware costs could reach $265 billion globally by 2031. |
A four-part strategy. In the United States, ransomware attacks on supply chains rose by 42 percent in the first quarter of 2021, while security threats against industrial control systems and operational technology more than tripled in 2020. To ensure that they remain resilient in this perilous new environment, companies should focus on ransomware prevention, preparation, response, and recovery strategies now rather than later. The payment or nonpayment of a ransom could depend on whether an organization has mastered the basics of these four strategies. |
Sounding boards. Fortunately, leaders are not alone in this fight. Boards can act as a partner. They can engage in regular conversations with company leadership on cybersecurity issues, making sure the executive team is preparing the whole organization for the eventuality of an attack, not simply leaving it to the chief information officer and the technical team. |
The experts are evolving too. Companies and their boards are not the only ones being forced to pivot in the face of more sophisticated cybersecurity challenges. Leading cybersecurity providers have found that they must do the same, adjusting their strategies and their product and service offerings to meet new security objectives. These areas include perimeter security, next-generation identity and access controls, remote access, security automation, and security training. |
Walking the talk. While organizations in most industries have been focusing on cybersecurity for some time, the maturity of their approaches is not uniform. In 2021, McKinsey assessed the cybersecurity-maturity level of more than 100 companies and institutions in a number of industry sectors and learned that while some in banking and healthcare have achieved fair progress, most organizations—in all industries—still have a ways to go to protect their information assets against threats and attacks. |
Practice good digital hygiene. As former US congressman Will Hurd explained to McKinsey last year in a podcast about cyber resilience in the federal government, it all comes down to digital hygiene. “We shower. We brush our teeth. We comb our hair. We do all those things in our personal hygiene, and we should be doing those basic things in our digital hygiene, too.” For government, upgrading antiquated IT infrastructure to meet today’s threats is hard enough, let alone anticipating future attacks. Recognizing the cybersecurity skill sets needed across the federal government is a crucial step. |
Building resilience. Creating and updating a strong cybersecurity strategy is part of a broader attitude toward resilience. The global economy has demonstrated significant resilience through the COVID-19 pandemic, bouncing back faster than expected. Economic momentum remains strong, but organizations are encountering cross-currents in supply chains, workforce availability, inflation, and more. It’s worth underscoring that the foundations of future growth are often laid as societies respond to the weaknesses crises expose. History shows that in times of disruption, resilience depends on adaptability and decisiveness. |
— Heather Byer |
|
|
|
OFF THE CHARTS |
Water, water projects everywhere |
Aging water systems in the United States are in need of significant upgrades. The $1 trillion infrastructure bill passed in late 2021 allocates $55 billion to water initiatives over the next five years. This funding will address dire needs in communities where network pipes are nearly 50 years old and where some cast-iron pipes were installed more than a century ago.
|
|
|
|
|
|
INTERVIEW |
The future of streaming is borderless |
Jeffrey Hirsch, the CEO of Starz, discusses what technology means for the future of streaming, how inclusive programming has been good for business, and why most shows are going to be borderless. “The shows that we’re developing in Spain, we see there’s a great role for them in the US and in Latin America, and in Europe, the Middle East, and North Africa,” he said in a recent interview. “And it is the same with the shows we’re developing in India, where we’re using global casts because we feel those stories can play everywhere.” |
|
|
|
|
Let’s just say that your background is not typical for a management consultant. In your role as a CEO counselor, have you ever thought about whether rock or metal musicians would make great CEOs? |
Despite the fact that rock ‘n’ roll rebels against the 9-to-5 lifestyle, keeping a band together for decades of successfully writing and touring requires levels of collaboration, teamwork, and innovation that most business leaders would envy. I actually cowrote a McKinsey piece about this very topic called “How to Make Your Team R.O.C.K.” We spoke with Nancy Wilson of Heart, who talked about the importance of role clarity. Paul Stanley of Kiss talked about the need for both vision and execution. Roger Daltrey of The Who waxed lyrical about how crucial communication is. And Sammy Hagar talked about the core role of teamwork. I loved his observation about ego: “When someone, or everyone, thinks their ‘thing’ is the most important thing, it all falls apart. When mutual respect is there, magic can happen.” |
As part of the “research” for that article (often a jam session and a drink together), the drummer Matt Starr (who was playing for Mr. Big at the time) made a direct link to being a CEO. “Every serious musician is the CEO of themselves,” he said. “You find others who share the same objectives, get organized, pay attention to details, and prioritize where you spend your time to make it happen. I wonder how many employees in companies have the same drive?” That’s an interesting question to reflect on. |
You were featured in “Rock Camp: The Movie,” which follows campers as they attend Rock ‘n’ Roll Fantasy Camp with some of the legends of the genre, such as Jeff Beck, Alice Cooper, Slash, and Lita Ford. How did that come about? |
I was interviewed for the documentary because I had helped the CEO, David Fishof, when he was trying to improve the performance of his business. The film crew was interviewing me at home, and in the middle of the recording my special-needs son, Jackson, came home from school. Like many with special needs, he has a way of endearing himself to people. He started asking a lot of questions and then, out of the blue, he said: “You know what my new goal is? To play bass at Rock ‘n’ Roll Fantasy Camp!” |
Jackson didn’t play bass at the time, but for fun we walked over to my guitar rack and I tried to show him a few things (very unsuccessfully, I might add). Little did we know that we were being caught on film. A few months later I got a call from the documentary producers informing me that Jackson was far more interesting on film than I was and requesting that he come play bass at a Rock ‘n’ Roll Fantasy Camp being held two weeks later. During that time our whole family lived and breathed helping Jackson learn how to navigate the fretboard and play in time. When we got to camp, to borrow Sammy Hagar’s phrase, “magic happened.” |
You’re one of only a few hundred people to have visited every country in the world. How did you get started on that quest, and has music played a part in those experiences? |
My first adventure overseas was spending a semester of college in Santiago, Chile. I became involved in the heavy-metal scene there (shout-out to Gabriel from the band Dogma!), and when I traveled outside of Santiago, I always brought a charango (a mini-Andean guitar with five strings) with me. It was a great way to meet and entertain people. |
Later, when I started at McKinsey, every time I left the country on a work trip I’d tack on a visit to a new country. I always brought a travel guitar with me, and I learned about a lot of local bands and scenes I wouldn’t have explored otherwise (shout-out to the Spanish band Zenobia!). Over time, I wanted to share the experiences with my growing family, so the guitar was left behind and every vacation was “to somewhere dad hasn’t been yet.” I remember once getting a call from my oldest son’s elementary school asking why he was telling people he went to North Korea on spring break. Even though it was true, I’m not sure they ever believed it. |
In terms of what the journey has taught me, I think the best lesson has come from observing how my children embrace new people, cultures, and surroundings with insatiable curiosity and very little judgment. I strive to be childlike in that way (in addition to my childlike love for heavy metal!). |
— Edited by Barbara Tierney |
|
|
BACKTALK |
Have feedback or other ideas? We’d love to hear from you. |
|
|
|
|
Did you enjoy this newsletter? Forward it to colleagues and friends so they can subscribe too. Was this issue forwarded to you? Sign up for it and sample our 40+ other free email subscriptions here.
|
|
|
Copyright © 2022 | McKinsey & Company, 3 World Trade Center, 175 Greenwich Street, New York, NY 10007
|
|
|
|