Are managers necessary? Startups rarely have the luxury of managers, let alone employees, while small to medium companies would seem to need more individual contributors than supervisors. In the larger enterprises, how many layers are necessary between the individual contributor and the CEO?

Layers and layers and layers of management makes for a tall cake, but do we need a tall cake? Are employees lost in the shuffle, burning out and moving on?

Gallup noted in 2015 how they had studied, over the course of two decades, “performance at hundreds of companies and measured the engagement of 27 million employees and more than 2.5 million work units.” And they still had not “unlocked the mystery of why performance varies from one workgroup to the next.”

What they did unlock was the fact that an engaged workforce is a more productive workforce, which is no surprise, but their statistics showed that 70% of employees are not engaged in the US, and 87% worldwide. In Gallup’s report, “State of the American Manager,” stellar managers empower their employees to succeed, holding them accountable and responsible.

Monster’s 2016 survey found that 32 percent of employees described their manager as “horrible.” That’s not good.

We’re talking here about managers with that title who actually manage a team. There seems to be a growing trend, particularly in startups, to offer the management title to new hires with no plan to put them in a management role by giving them a team. Perhaps the term “manager” is now being used as an inflated title to incentivize new hires to the chaos of the startup world?

The Association for Talent Development (ATD), in January 2017, highlighted how managers who create high-stress environments are shooting themselves in the foot. This is evidenced by the 550 million workdays lost, according to the American Psychological Association, because of stress on the job. The ATD continues: “Workplace stress alone leads to a 50 percent increase in voluntary turnover.”

What Constitutes a Bad Manager?

A careers expert, Vicki Salemi, was interviewed by Today in 2016. She provided the following as clear warning signs you may have a bad manager in your midst:

Someone who gets angry very easily,

Is impatient or indecisive,

Overly dramatic,

Toxic,

Controlling,

Throws employees under the bus,

Takes credit for employees’ work,

Lacks self-awareness,

Plays favorites; or

Micromanages

Burnout and High Stress

Now these findings are general findings across all industries. Is the cybersecurity industry unique in anyway? Not really.

Each year we read of how burnout of employees, managers, and CISOs is very real. The plethora of security breaches and miscues have evolved an environment of “When, not If” a security crisis will occur.

This contributes to a high-stress environment. But, other industries also have on-demand and short fused response times, and they too have high-stress environments in which to navigate.

Scott Adams’ “Dilbert,” the sarcastic cartoon character on management peculiarities, contributed legions of frames to the value of “meetings” and “employee retention.”

The Harvard Business Review calls employee burnout a company not an individual problem. They go on to describe how many companies write burnout off as managers needing to manage their talent more efficiently. The reality, says HBR, is that burnout is an organizational issue.

What are the contributing factors to high employee burnout? The HBR tells us three factors are in play:

Excessive collaboration

Weak time management disciplines

Tendency to overload the most capable with too much work

The guidance HBR provided on addressing these three factors is applicable to all, but should resonate loudly with those in the high-impact, high-stress environment of cybersecurity.

Excessive collaboration is driven by too many decision makers and too many decision-making nodes. That cake we described… the taller the cake the more excessive the need to collaborate. The cure? Reduce the number of nodes, removing organizational speedbumps.

In addition, HBR recommend adoption of an Agile approach to identifying critical activities, so that employees are always contributing to that which is most important, and those “less important priorities” are always being pruned.

Weak time management skills manifest themselves when employees are left with the conundrum of figuring out what is the priority. Can your employee call off an unnecessary meeting? Frustration and burnout may be over the horizon. To counter this, HBR’s recommendation is to provide the individual contributor a bit of autonomy and ownership.

Those who are most successful, are given the opportunity to be more successful. While complimentary, it is also the easy path to burnout. HBR notes, “The overload problem is compounded for companies because the best people are the ones whose knowledge is most in demand and who are often the biggest victims of collaboration overload.”

The line managers, when empowered, can adjust the above. Training and education on the tools available to facilitate corporate change should be a constant within each company. Doing so serves to increase retention and provides customers and clients exactly what they expect and more.

In cybersecurity, where we find many startups, those employees who have been at the company for a “long” time (say, a year or more in the startup world) find themselves in collaboration overload due to the institutional knowledge they possess.

Another major factor that makes management a major concern for the cybersecurity industry is the shortage of skilled information security professionals, which is not going to dissipate anytime soon. Investing in managers and employees is no longer negotiable. They remain your most valuable investment.

Your managers are your linchpins, so make sure you have only what you need and don’t add non-productive dead weight to your manning table.



About Christopher Burgess

Christopher Burgess (@burgessct) is an author and speaker on the topic of security strategy. Christopher served 30+ years within the Central Intelligence Agency. Upon his retirement, the CIA awarded him the Career Distinguished Intelligence Medal, the highest level of career recognition. Christopher co-authored the book, Secrets Stolen, Fortunes Lost - Preventing Intellectual Property Theft and Economic Espionage in the 21st Century (Syngress, March 2008).