9th April 2015:

In my previous blog post I discussed the dangers of groupthink and how, if left unchecked, it can lead to poor decision-making and weak analysis. Drawing upon Irving Janis’ work, the blog post identified three causes of groupthink: cohesion, organizational structural faults and situational factors. I explained how cohesive groups can lead to weak analysis and why it is so important that organizations make efforts to foster a healthy critical culture.

I now want to move on to the second cause of groupthink and try to understand how organizational structural faults may result in manifestations of groupthink.

Organizational structural faults

Let’s face it – ‘organizational structural faults’ does not sound like the most interesting topic, but it’s critical. A failure to address these faults can have a profound effect on the quality of an organization’s analysis and decision-making. Organizations who suffer from groupthink tend to lack three things: impartial leadership, diversity and methodical procedures. All three factors can lead to close-mindedness and concurrence-seeking. Concurrence-seeking describes those individuals who “abstain from disputes and conundrums, especially within conversations or while making decisions” (Psychologydictionary.org).

Lack of impartial leadership

What makes a good leader? There is no single answer to this frequently asked question; different managerial styles will be appropriate for different environments. ‘Directive leaders’ are those who tell team members what they should do and how they should perform the task. This style of leadership is suited to those leaders in organizations where team members have jobs that are less specialized and the extra guidance is necessary. Cyber threat intelligence, however, is a specialized field. As such, this directive style of leadership may need to be tempered. Instead of dictating what they wish to see, leaders should be impartial and avoid stating personal preferences at the outset of group discussions.

It is also important for leaders to foster open inquiry. Directive leaders are likely to insulate individuals from outside sources of information and analysis in the interests of time, efficiency and productivity. Instead of understanding ‘other’ points of view, analysts are discouraged from performing rigorous research. These alternative points of view are critical as analysts must ask themselves “how do I know what I think I know?” It may be necessary to bring in outside experts to challenge core views and expose analysts to alternative ways of thinking.

Lack of methodical procedures

It is not enough to simply state that the organization strives for impartial leadership and open-minded thinking — it must have methodologies in place to ensure it.

Analytical techniques, such as ACH (advanced competing hypotheses) and brainstorming can prove valuable in this respect. Similarly, by enshrining an enquiring and analytical culture at the core of the organization, it forces analysts to think critically and to question assumptions.

Lack of diversity

Diversity is not, as Ron Burgundy once suggested, “an old, old wooden ship that was used during the civil war era”. Diversity is also not simply a lofty sentiment.  Diversity is about how organizations can harness unique backgrounds and experiences to improve the quality of analysis and decision-making. A lack of disparity makes it easier for members to concur on whatever proposals are put forward by the leader.

Unfortunately, the information security community is renowned for its lack of diversity. Those employed in IT security are overwhelmingly white and male. Indeed, a report by (ISC)2 claimed that females make up just 11% of the I.T. security industry. The report found that women believe a successful information security professional should maintain a variety of skills compared to men, who believe technical skills should be the priority. Here at Digital Shadows (now ReliaQuest), over 20% of our employees are female – a figure which is set to increase following our next wave of employees.

Indeed, there should also be diversity in abilities and skills, both social and technical. We’re now seeing far more people from arts humanities backgrounds embarking on careers in cyber threat intelligence. This is a break from the traditional, technical focussed backgrounds of the majority of information security professionals. The blend of technical and social skills offers a new dimension which had previously been lacking.

There’s also cultural diversity. Cyber threats are such a global phenomenon that a failure to understand, first-hand, other cultures would be a severe oversight. In order to do so, it is necessary to have a range of nationalities who are able to point to lesser known cultural nuances. These small differences, which may otherwise go unnoticed, often prove to be game-changers. Our analyst team is comprised of natives from Western Europe, Eastern Europe and the Middle East. This affords us unique insights into global threat actors and their operations.

A diverse range of personal and cultural backgrounds offers organizations new and fresh experiences. The ability to utilize unique resources and experiences within an organization is one that should not be overlooked. Specifically, this helps us to avoid stereotyped views of threat actors and viewing them as “the enemy”. Having a range of backgrounds helps to avoid this unnecessary hype and produce rigorous analysis.

Who cares?

A failure to forge the right organizational structure — where leaders are exposed to and encourage alternative points of view, diversity is harnessed and methodical procedures are in place — will lead to weak analysis and poor decision-making. This close-mindedness and concurrence-seeking often results in individuals failing to challenge prevailing assumptions. In short, it causes sloppy analysis and poor practice.

Therefore everyone should be concerned about organizational structural faults.


The next blog post will look at how stress and past failure lead to groupthink.