Bob: Greg, I have an undocumented but deep-set concern that’s been slowly building over the past few years. It’s that malfeasance is on the rise, and many business leaders aren’t prepared or equipped to deal with it.
Do I have evidence to back this up? Well yes, so long as you accept a Gallup Poll on the subject as evidence. Which I would, except that (1) looking at the result of its survey, Gallup didn’t ask respondents to assess the trustworthiness of pollsters; (2) like so many polls, the results are just the aggregated opinion of a bunch of average schmoes, not experts in the fields being rated; and (3) the closest the survey comes to IT professionals is “Business Executives,” and I don’t think our audience would appreciate being tarred with that particular brush.
What do you think, Greg? Have you seen a decline in ethics among the folks you deal with, whether we’re talking about employees, vendors, clients, or anyone else who would be of interest to KJR’s readers?
Greg: The sad part is, Bob, I think the answer is yes, and I think the trend kinda took off as a result of the events and reckoning we affectionately remember as the year of 2020. In previous experiences around crises, ( and I have experienced a few), a crisis typically will bring people together more than pull them apart. In the current situation, we see more alienation, and anxiety, pulling people apart, and to some degree, making malfeasance more acceptable, as well as more expected. The implosion of FTX, the Bitcoin exchange, demonstrates malfeasance at scale, but also demonstrates that the people involved thought they were nice, decent, and completely within their rights to do what they did.
However, I think there is a solution– and that is for Professions to start acting like Professions again. What do I mean by this?
A smart political scientist accidently defined what a profession was, in order to talk about whether a career was a professional job or not.
He came up with three criteria-
- The career required some sort of expertise, and learning this might require extended practical and theoretical training.
- The career’s impact was substantial to society, and that average people could trust that it would be practiced effectively.
- The person practicing this career could expect to be part of a self-policing community, using its own language and standards of quality.
Somewhere along the lines, we have created new careers (Like IT Management and IT Engineering), where conditions #1 and #2 plausibly exist, but perhaps not having condition #3. Additionally, existing professions (like Accounting) get pushback when they try to update their standards for condition #1.
It seems to me that we need to build some consensus around these points in each profession, but we want to know that the people practicing it are living up to these three points.
Bob: I like where you’re going with this, Greg. There will be a “but” (of course there will!). Before we get to my qualifiers, though, what I like most about your emphasis on professionalism is that it provides a strong initial focal point, where folks who care about curtailing our current spiral into malfeasance embrace can establish what their tribe considers acceptable. And as tribalism is one of the root causes of our current drift, your approach can help facilitate the desired change in culture.
And from there it might encourage practitioners to extend their profession’s ethical code to their everyday lives.
But … (there it is!) we’ll have to deal with your prescription’s chicken-and-egg-ness. That is, a large enough fraction of a profession’s practitioners must want this outcome instead of considering a code of ethics to be confining. And, a large enough fraction of a profession’s practitioners must accept their profession’s governing body and respect its ethical consensus.
Or am I being too pessimistic about the situation?
Greg: I hope that we haven’t gone completely nihilistic, and that we can still trust our “Better Angels” to believe that most people in a profession expect others in their profession to behave appropriately in a professional situation, and are willing to invest in this idea, to some degree. What I think is missing is educating people that a word for what they are expecting exists, and it is “Professionalism”, and that bad actors, who demonstrate malfeasance, should be dealt with, according to condition #3– Who better to detect and correct the issues that CloudStrike had than others in the know, who can offer effective advice?
Goodness, please don’t go cynical on me, Bob! We need to spread the word and ask our own profession to adopt these three conditions, and set an example.
Bob: Someone once defined “cynic” as someone who looks at the world through glass-colored glasses. So … who, me?
Anyway, Bob’s Last Word is that I changed my mind about the best part of your prescription. I now think it’s that it leverages our tribalist instincts to maximum advantage.
I’ll leave the last word to you.
Greg: I like how you suggest using our instincts for good, not for evil! Let’s roll with it.
Yes, IT needs to become a profession. To that end, I commend the people who started the League of Professional System Administrators (LOPSA, see https://lopsa.org/). There was even a movement for third party (not vendor specific) certifications by the System Administrators Guild (SAGE), of which I earned one of the earliest certifications. I believe the biggest hindrance to self regulation is that system administrators and software developers are regularly siloed both by OS / language and by business task. While our employers view and treat us as being separate from one another, it’s very hard to organize as a single group.