Looking at force multipliers—good and bad.
Security professionals are often advised to leverage their department’s resources through force multipliers. The typical examples include surveillance cameras and awareness training for nonsecurity personnel. But the concept offers considerably more options when viewed in a broader context.
Consider, for example, that time itself can be used as a force multiplier. How so? It has recently been proven that a tiny bit of fertilizer applied to a seed at planting can dramatically increase crop output while reducing the amount of fertilizer needed overall. Call it early intervention. From a security perspective, that’s an argument for doing more orientation and awareness training up front with new employees.
Motivation can also be a force multiplier. It has been shown that a prize, for example, can cause multiple participants to spend their own resources to achieve an objective. It’s estimated that a prize can generate investment worth 50 times its size. Perhaps that’s why the U.S. Department of Defense is offering $1 million to anyone who can produce a wearable power-generation system that soldiers can carry to power combat equipment. Twenty finalist teams were in contention at press time. What might your staff develop with the proper motivation?
Such positive force multipliers can greatly enhance the effect that a small staff can have on an organization’s well being. But the reverse can also be true. The actions of a few employees can have dire consequences far beyond their apparent influence and literal authority within a company.
Consider the case of Jerome Kerviel, the trader whose unauthorized transactions single-handedly cost his employer, Société Générale SA, $7.2 billion in January. Similarly, employee Nick Leeson’s unauthorized trades brought down Barings Bank in 1995. These were not key executives whose actions were expected to have huge ramifications. They were just rogue employees who had learned to circumvent inadequate internal controls.
Disproportionate risks can arise from ill-considered business strategies as well. Consider the case of AIG, the world’s biggest insurer, which had to be rescued by the U.S. government in September. A New York Times analysis blames the failure on a risky insurance product that provided default risk coverage on certain credit instruments. It was developed by one small branch of this huge company. The product generated outsized returns for years, but it also exposed the company to outsized risk—a negative force multiplier of epic proportions.
Former Secretary of State and Chairman of the Joint Chiefs of Staff Colin Powell had as one of his mottos the saying that “perpetual optimism is a force multiplier.” Companies must, however, analyze potential risk scenarios with a healthy dose of skepticism, because while the force may be with the business—it isn’t always a force for good.