Why Managers Should Think More Like Hackers | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #hacker

Once while procrastinating at work, I stumbled upon the story of a computer hacker and cybercriminal, Albert Gonzalez. At 14, he was the ringleader of a group of mischievous computer geeks who hacked into NASA, drawing the attention of the FBI. Almost 13 years later, and after very little additional formal training, Gonzalez was prosecuted in one of the world’s largest and most complex identity theft cases — he and his colleagues had stolen more than 40 million credit card and ATM numbers.

What struck me the most about the story was a relatively small detail: Gonzalez wasn’t a gifted programmer. According to his friends and accomplices, he could barely write simple code. What distinguished him from others was his ability to “understand systems and fillet them with singular grace.”

The knowledge and ingenuity of hackers like Gonzalez have been long ignored or purposefully dismissed. Over the past seven years, I researched hacking – I joined online communities, interviewed hackers and cybersecurity experts, and analyzed documents on hacking on media, blogs, books, and online platforms. I found that hackers are systems thinkers; they have an attitude that allows them to identify opportunities to make outsized impacts creatively, quickly, and resourcefully, even in systems that were designed to keep them out. I also learned that hacking isn’t always malicious and isn’t limited to the world of computing. As Paul Buchheit, creator and lead developer of Gmail, once wrote, “Wherever there are systems, there is the potential for hacking, and there are systems everywhere.”

Managers could benefit from thinking more like hackers. Hacking helps us take a step back from the worn-out management tenets of efficiency, long-term planning, hierarchical decision-making, and full information, to adopt instead more adaptable strategies. Adopting a hacker attitude can help managers work around obstacles, find opportunities across siloes, cultivate a culture of pragmatism, mobilize staff around processes instead of end goals, and navigate situations in which there isn’t an obvious answer or clear choice.

Work around obstacles.

It’s human nature to tackle obstacles head-on, but this often results in us banging our heads against the wall or feeling completely paralyzed. The secret of hackers is that instead of avoiding or confronting the bottlenecks that lie in their way, they work around them. Think of the myth of the Trojan Horse: With a workaround, the Greeks didn’t need to break Troy’s gate or walls to get in. It’s no coincidence that Trojan Horse is also the name of one of the most notorious computer hacks.

These workarounds may not solve problems all at once, but they allow hackers to obtain good-enough outcomes — and quick wins can sometimes pave the way for big unpredicted change.

The early days of Airbnb demonstrate how a company can adopt this mentality. The then start-up knew it offered a promising service, but it was cash-strapped and didn’t have a big budget for advertising. The company knew that its target audience — people who needed lodging but didn’t want to stay in hotels — was on Craigslist, which had a massive user base, but fell short on user experience. So Airbnb implemented a clever workaround: Every time an Airbnb host created a listing, Airbnb sent them an email with a link that allowed the user to automatically cross-post the listing to Craigslist. When someone surfing on Craigslist found a listing that originated on Airbnb, they would click on a link that rerouted them to Airbnb’s platform. This meant free site traffic and new sign-ups for Airbnb, both for new listings and for prospective lodgers. Airbnb’s listings were far superior: offering professional photography services for their listings, a more user-friendly experience, and personalized ads. Eventually, users started going straight to Airbnb, ignoring Craigslist for their lodging needs.

Find opportunities across siloes.

Organizations often create or reinforce existing siloes to better assign responsibilities, maintain a steady workflow, and meet the expectations of key stakeholders. Within a silo, employees can produce plans and go through their checklists more quickly. However, they get numb to different ways of interpreting and acting in situations that are all too familiar to them; they live in the near-future tense, always expecting what comes next.

A hacker, on the other hand, does not start from too many assumptions: they explore unchartered territories, and this often allows them to find unconventional pairings that work exceptionally well.

I studied a very hacky nonprofit, ColaLife, whose mission was to increase access to diarrhea medicine in remote regions of Zambia. Diarrhea is the second leading cause of death among children under the age of five in sub-Saharan Africa, and most cases can be treated with cheap, over-the-counter medicines that weren’t widely available. While most health care actors tried to tackle the obstacles preventing access to medicine, such as by improving infrastructure, Jane and Simon Berry, ColaLife’s founders, circumvented them. They noticed that Coca-Cola was widely available in the country, reaching even the remotest places but life-saving medicines weren’t — so why couldn’t diarrhea treatment get a free ride in Coca-Cola crates? They raised funds to test their idea in an exploratory trial in Zambia. As they engaged with Coca-Cola and its bottler in Zambia, SAB Miller, they shifted their plans from merely inserting medicine into the crates of Coca-Cola to making use of the entire system of relationships that made distribution possible. For that, they mapped key actors in Coca-Cola’s distribution, and convinced them that they could make a profit by moving and selling diarrhea treatment too. By thinking like hackers, they used the success of the fast-moving consumer goods sector to address a persistent healthcare problem: In 2019, the partnering pharmaceutical company distributed more than 615,000 kits in Zambia, saving thousands of lives.

Cultivate a culture of pragmatism.

Adopting a hacker’s mindset can help create a culture of pragmatism, valuing experimental and incomplete approaches. Once I met a computer hacker who told me of a time that he wanted to boil an egg for lunch, but he didn’t have a kettle or a stove at his disposal — only a sophisticated coffee machine that combined multiple functions: It was simultaneously a boiler, a grinder, and a milk frother. He looked past the “full” technology and tapped into the part he needed, the water boiler, to make his lunch.

Managers often focus on what they lack, ignoring resources at their disposal that they can repurpose. Hackers understand that resources represent more than hardware; they are also objectified ways of thinking. By valuing imperfection and rethinking an object’s functions, they experiment on the way to new or evolving opportunities. The approaches they pursue may look clumsy, but in the words of Steve Rayner, who was a professor at Oxford University, they “damn well work.”

The engineer Topher White was very hacky when he developed an innovative approach to address one of the world’s greatest environmental challenges: illegal logging. It’s very costly and difficult to monitor the world’s vast forests. But White noticed in Borneo that cell phone service was available even in some of the remotest areas of the rainforest, hundreds of miles from the nearest road. He decided to repurpose old cell phones to “listen” for chainsaw noises. The phones are charged with solar energy and put in protective boxes hidden up in tree canopies, distributed across the rainforest to maximize coverage. Because the phones are connected to a network, when they “hear” chainsaws, they send a real-time alert with the location of the logging to people on the ground, who can catch the loggers in the act.

Mobilize your team around a process instead of goals or outcomes.

Employees may not be as motivated by fat bonuses as many business leaders think. Management scholars have increasingly highlighted the importance of mobilizing employees around purposes that go beyond making a profit — such as social responsibility or a sense of belonging.

A hacker approach can expand on this. Most hackers are not the stereotyped nerds hunched over a laptop, maliciously stealing credit cards. My research revealed that they are, instead, self-organized and diverse groups of individuals who are much more interested in embarking on exciting processes than in a predetermined end goal or ownership of an outcome. This is one of the reasons they often anonymize themselves; hackers want to be recognized by their hacking abilities, “not bogus criteria such as degrees, age, race, sex or position” as one hacker once told me. These hackers enjoy the process of exploring the unknown as they muddle through unchartered territories.

Hackers are very entrepreneurial and run into some of the same governance challenges as more traditional organizations but find different ways of organizing themselves. For example, it’s not uncommon to see open-source, self-run projects that balance the need for accountability and adjudication with collaboration and flexibility — the so-called “Benevolent Dictator for Life (BDFL)” model (originally a reference to Guido van Rossum, who created the Python programming language). Through this approach, anyone can implement improvements and make changes as they move forward but the founder retains the final say in the case of large disputes or decisions.

Just like hackers, managers can identify ways of motivating staff and soothing distress, helping them to make sense of confusing predicaments while also granting people flexibility. This helps avoid unnecessary rivalry for ownership and allows others to enjoy innovation journeys.

Keep it simple — and complex.

Many of today’s biggest challenges are messy. They’re not neat puzzles that can only be solved one way, so it doesn’t make sense to approach them as if they were. As Rick Hickey, creator of the programming language Clojure, said in a public talk: “Overcoming complexity is not work, it is waste.”

Hackers excel in complex situations because they focus on what they call “essential complexity,” or the key properties of the challenge they’ve taken on. They try to strip away the “accidental complexity,” or the unintentional challenges that we often take for granted but that can distract from the task at hand.

Computer programmers taught me that the key to robust software or digital networks often lies in creating and connecting simple components. Think of Legos: They allow multiple assemblages with unembellished and modular building blocks. The more complicated the configuration of a Lego block, the less you can do with it, and the harder it will be to pivot if you change your mind. In other words, simplicity yields usability: with simple building blocks, you can build a castle, a bridge, a house, a Star Wars Millennium Falcon, and many other assemblages.

When managers believe that every complex problem requires a complicated solution, they wind up trying to tackle obstacles head-on and fail to parse essential complexity from the accidental. Some of the world’s toughest challenges are complex because they are constantly evolving and intertwined, and would-be solvers who try to address every facet are bound to come up short. Simplicity won’t make things easy, but focusing on it will make you more adaptive to evolving challenges.

. . .

High-tech companies, like Google, often start off with a hacker mentality, according to Paul Graham, a co-founder of Y Combinator. Yet, as companies grow, once-hackers turn into CEOs and the hacker attitude concedes to management tenets of long-term planning, hierarchical decision-making, the primacy of shareholder value, and the emphasis on efficiency. Exploring new “interfaces” between management and hacking, balancing governance with the free-spirited hacker mindset that allows for challenging the status quo, could help companies preserve the dynamism of their early days as they age.

Editor’s Note (August 4, 2023): This article incorrectly cited Paul Graham as the founder of programming language Lisp. It has been updated.


Click Here For The Original Story From This Source.

National Cyber Security