IE 11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Titanic Mistakes: Five Pragmatic Lessons from Spectacular Technology Failures

Everyone is talking about the sinking of the Titanic and they should be. Here are five lessons for technology and security professionals from the sinking of the Titanic ...

Everyone is talking about the sinking of the Titanic – and they should be. The people, the stories, the technology, and especially the tragic ending, are legendary. It has been one hundred years since she sank. Books have been written, movies made – and remade in 3D. But somehow, we can’t seem to forget what happened or miss a chance to hear the remarkable, mysterious story again.

Numerous theories still abound analyzing the never-ending question: “Why did it happen?” The very word “Titanic” has become synonymous with words like enormous, monumental, gigantic, massive, huge and immense. But most of us aren’t picturing a monumental home run or an enormous successful product launch. No, the word Titanic has also been seared into our brains as a massive failure.

Here are some Titanic facts: It took three years to build her, would cost about $400 million in today’s dollars and the Titanic was thought to be unsinkable. For the next week, you can see the passenger list free of charge at Findmypast.com. This list records the names, port of departure, occupation, nationality, age, class of travel, destination and country of intended residence of those who sailed from Portsmouth, England, and Queensland, Ireland, on April 10 and 11, 1912.

 Before her maiden voyage, people called her a crowning achievement of human ingenuity. A living, breathing example of man conquering nature, a model to emulate how things could be done and perhaps the finest high-tech marvel of the (relatively new) 20th Century. The ship inspired hope and awe. And yet, somehow, everything went horribly wrong.

While it may seem abrupt to jump straight to “lessons learned,” I believe it is important for everyone living one hundred years later to ponder the question: Are we susceptible to the same problems that led to the sinking of the Titanic? I think the answer is yes.

Other tragic events such the Challenger disaster in 1986 (part of at NASA’s space shuttle program) have most of the same scary characteristics as the Titanic disaster. Every time I watch the actual video of the Challenger disaster on CNN, I somehow hope for a different ending.

The horrible events that took place on September 11, 2011 also have many of these same elements. Yes, terrorists deliberately caused those planes to fly into the World Trade Center towers and there are other differences. And yet, these historic events must cause us to stop and rethink our technological and even security approaches or we will certainly fall prey to the same mistakes again.    

No, these five pragmatic lessons are not new. In fact, several go back to Biblical times. But we humans constantly seem to forget them. Yes, these are also relevant in lesser situations that may not reach today’s global news networks.

Please understand that I am an optimist, I’ve been called a technophile by critics. Nevertheless, we need to learn and apply these lessons for small, medium and large size technology projects at work and at home.

Five Lessons for Technology and Security Professionals from the Sinking of the Titanic:

1)      Pride Comes Before a Fall – Numerous experts start with overconfidence when they discuss the “unsinkable” Titanic. One author describes Titanic Arrogance. Here’s an excerpt:

The first few years of the 20th century, when the Titanic was built, were full of brash optimism based on remarkable advances in science and technology. It was a time of peace, progress and endless promise. Things were getting bigger, better and faster—the age more opulent and prosperous. “What could possibly stop the engines of progress or the captains of industry at their controls?” the book’s prologue asks.

The Titanic thus embodied a spirit of invulnerability characteristic of the times. In fact, when at the beginning of her maiden voyage one of the deck hands was asked whether the ship really was unsinkable, he replied, “God Himself could not sink this ship!”

Wow – sounds like today! Our immediate reaction should be “watch out.” Whether in sports, in politics or in technology adoption, we need to be wary of claims of the invincible. Things can, and certainly will go wrong. The 9/11 attacks used rather simply means to overcome complex technology defenses. We need to hope for the best and plan for the worst. As described before in other blogs, humility needs to be at the top of the list of lessons learned for security pros.

2)      Don’t forget the people and the process – We have heard it hundreds times, successful projects require well-thought out plans for people, process and technology areas. And yet, we always focus on the technology and underestimate the people and process aspects of situation.

In the case of the Titanic, numerous sources insist that the real mistakes happened by the crew after the Titanic hit the iceberg. In fact, one author says the Titanic sunk because of a steering mistake. We make the same mistakes today, but focusing the majority of our efforts on “new black boxes” while ignoring or downplaying the people and process side of the equation.

3)      Thinking Our Invention is “Too Big To Fail” – As noted before, experts felt the Titanic was beyond stoppable – but underestimated the power of an iceberg. Here’s a quote from Michael Kaplan:

The 1,517 people who drowned in the Titanic disaster did not die in vain. In inquiries on both sides of the Atlantic and new international agreements for maritime safety, we began to make the rules necessary for a bigger and better-connected world. We now admit that scaling up size increases complexity; the larger systems become, the greater the likelihood of unseen contingencies. Every project risks its iceberg. Nothing is too big to fail; instead, the bigger it is, the more insidious and thus devastating its modes of failure must be.

Recently, analysts have even been using this “too big to fail” warning to describe our perspective on the US or world economies. I’ve also heard experts discuss similar questions related to the Internet, cloud computing, certain companies or certain local projects that seemed foolproof. Buyer beware.

4)      Health and Safety Comes First – I find it interesting to contrast the beginning versus the ending of the Titanic movie. One cannot fail to be impressed with the beauty and wealth displayed on the ship at the start of the voyage, but none of that mattered when the ship was sinking.

While the list of passengers and their stories is fascinating, the lessons for us revolve around the battle for hearts and minds of the people during emergencies. How well have we planned for various scenarios? What is most important if (and when) things go wrong? Is the focus of our product on the bells and whistles or on what truly matters? How do we communicate? Bottom line: are we prepared?

5)      True stories are always the most intriguing, interesting, relevant and effective for our customers. - Experts are divided on why we are so fascinated by the Titanic stories, but one thing is clear – it really happened. We long to hear about the families, the fortunes lost, those who helped and those who didn’t. There were survivors and brave men and women who gave up their lives for others.

As we try to get the attention of our customers, stakeholder and executives today, we need to ask more questions and learn more about: What has really happened in our field of technology and security expertise. What “real life” experiences have others had? How do we benchmark against others?

 Even when we ask the question “what if” this cyber attack occurred, we tend to talk about the scenario in terms that people understand. For example, we say there is a coming “cyber Pearl Harbor” or an “electronic 9/11.” Why? Because Pearl Harbor and 9/11 really happened. People can relate to those historic events.  

 As a current security professional, I find that most customers want to hear about true stories from other places and how those facts relate to them. We can learn from an historic event that happened 100 years ago, compelling stories that are true can last more than a lifetime.  But have we forgotten what the survivors learned?

 

 

 

Daniel J. Lohrmann is an internationally recognized cybersecurity leader, technologist, keynote speaker and author.