The daunting and tragically historic challenges of 2020 left many companies and high-level decision-makers facing extraordinarily difficult circumstances and equally difficult decisions. But today, with vaccines rolling out and the end of the pandemic finally seeming more like a realistic goal, it’s critically important that CEOs absorb and apply the lessons they learned from 2020.

In this, the third in a series of posts covering the lessons that businesses can and should learn from a chaotic and consequential 2020, we’ll review what lessons CEOs and other C-Suite executives should learn from the COVID crisis.

Lesson #1: We’re not yet done with 2020

Sure, the calendar says otherwise, but despite the promise of vaccines and a brighter future, the pandemic continues. We probably have a year to 18 months to try and figure out what the new normal is going to be. In the meantime — and probably for some time to come — business leaders need to recognize that there are no quick fixes. The return to a healthy and open society will take time, and political unrest across the country and around the world isn’t going to abate anytime soon. We’ve been though social and political upheaval before, but perhaps nothing on the scale of 2020 — at least not in many decades. Because we’re not yet out of the woods, it’s wise to be prepared for additional shocks. The world is still politically unstable. COVID has exacerbated social, political and economic disparities in ways that have heightened tensions around the world.

Lesson #2: The landscape is changing

Cash management and financial security is a hot topic of conversation among CEOs and other executives. Forward-thinking leaders are reconfiguring their companies with an eye toward being more strategic about cash reserves, and to becoming more efficient. The Pandemic has only reinforced the potential value of automated production, and other new solutions and efficiencies that can make a business less susceptible to pandemic disruption and interruption. When you couple those evolving priorities with automation and AI advances that continues to take off, the result is almost certain to be workplaces and workforces that look very different in the not-too-distant future. But those differences will introduce a range of new potential security risks — both in the near term and in the long run.

Lesson #3: Remote work models are here to stay

The impact of the widespread adoption of remote work and work-from-home employment models will have a profound impact on businesses and risk management strategies for a very long time to come. McKinsey recently reported that the majority of GDP generated since last spring came from people working from home. Other surveys suggest that up to 30% of employees would prefer to change jobs, rather than have to go back to an office environment. With that in mind, now is the time to set up systems and structures to accommodate that. Business leaders need to be spending as much (or more) time and resources strengthening and safeguarding their digital infrastructure as they do with their physical spaces.

Another challenge that comes with remote work setups is the need for leaders to successfully manage productivity and stay connected and cohesive with a team that is no longer in the same room. Motivating your team, maintaining a healthy work-life balance, and building a strong company culture in a remote environment will require a whole new set of management skills and strategies. And, needless to say, with so many people operating in a connected environment, cybersecurity training and best practices will be more important than ever. Scams, hacks and phishing attempts are on the rise, and constant vigilance and training will be the new normal.

Lesson #4: The employment contract continues to evolve

With new work models and flexibility comes more mobility and willingness to leave for new opportunities. Multigenerational management challenges across different demographics is already tricky and will become tougher still with more mobile and disparate work environments. CEOs will need to identify ways to reduce staff overhead, perhaps evolving to more contract work or adapting to more frequent employment cycles. The bottom line is this: how you hire, structure, retain and manage your team is changing — and the risks surrounding those issues are changing along with them.

Lesson #5: Your cyber-vulnerabilities are bigger than ever

The sobering reality is this: no matter what steps they take, companies simply cannot defend themselves indefinitely against a dedicated bad actor with the resources and determination to penetrate their systems. In an increasingly connected world and a global marketplace where political polarization, DOS attacks, and even employee sabotage all present additional threats, CEOs need to rethink their whole approach to cybersecurity. It may be time to start thinking about just how much information and functionality you need to keep online and connected — and to be smarter, more strategic and more thoughtful about what to expose. Alternative solutions like more hard copies, highly restricted access, and decoupled data from the network when access is not essential are likely to become more common. Internal networks that are air-gapped from overseas systems, and phone protocols and alternate network capabilities that can be used in case of an emergency are the kind of built-in protections and redundancies that will be needed going forward. Decision-makers should understand that when they do business in a potentially hostile IP environment overseas, they are essentially giving up their proprietary rights. And they need to ask themselves if short-term gains are worth longer-term risks.

Lesson #6: You can’t rely on the government

It might sound cynical, but 2020 proved that you just can’t count on local, state, or federal governments to help you in a crisis. You need to be self-sufficient. The government is capable of doing big and impactful positive things, but not always in a timely or comprehensive manner. And because the details of what that assistance looks like depend so much on the beliefs and capabilities of specific administrations, relying on government to bail you out is simply too much of a risk. In addition to individual emergency and crisis planning, CEOs would be wise to explore creative solutions such as forming partnerships or coalitions with other companies in their region or industry. Such arrangements, to share services, utilities, and other essentials, could be a game-changer in a future emergency.

Lesson #7: It’s time to rethink risk management

In the wake of a disastrous 2020, many CEOs and executives have expressed disappointment with how their emergency and security programs, protocols and personnel handled the COVID crisis. In many cases, they thought they had a sound plan in place. But 2020 showed that many of those plans didn’t work or were insufficient. Those same leaders are willing to spend money to safeguard their businesses and their teams — but the scars of 2020 have understandably left them highly motivated to seek out the kind of expert guidance that is needed for effective risk management and mitigation. There’s a sense of urgency that’s developing among business decision-makers about the need to become more agile and sophisticated about how to manage risk — to identify, prepare for and respond to impactful events in an uncertain future. Partnering with a trusted and proven security expert who can give you that guidance is one of the best ways to leverage the lessons of 2020.

Published January 29, 2021