“We put too much of a premium on presenting and not enough on substance and critical thinking.”[1] —Susan Cain, Author, Lecturer, and cofounder of Quiet Revolution
After gathering factual information, discussing opinions, listening to others, and really being honest about your core beliefs, what is that final step in the decision-making process? Critical thinking. Thinking critically involves questioning pieces of information, being curious about ideas and issues, and admitting when you might be wrong. This kind of thinking leads to well thought-out decisions and judgments based on logic and reason. It enables everyone to act with more integrity when making decisions, and it’s something we all can work on having.
Critical thinking is important in our daily lives. It helps us make better decisions about the products we buy, the jobs we choose, and the people we associate with. It’s also essential in business situations. It helps teams make better decisions and find solutions that can potentially save their company time and money. It helps managers avoid biases when making hiring decisions. It helps investigators find the real cause of an issue. Ultimately, critical thinking can lead to decisions that make companies more successful and people happier in their lives.
A Major Test
Every decision—whether it’s minute or major—is a test of your critical thinking skills. And I’ve been tested many times throughout my career. But I was in my tenth year running SCCE & HCCA when one of my biggest tests occurred. My CFO and his assistant walked into my office and calmly said, “$1 million was just stolen from our bank account.” They talked as if they were giving an update on the status of our coffee supply. I think they were in shock. That moment began a yearlong period that can be best summed up as the worst year of my career.
Much of the information we had was a bit sketchy, but it appeared that three eastern Europeans remotely took over one employee’s computer and transferred $475,000 to a state bank in Romania . . . twice. I later read in a translated Romanian legal document that when the three people went to the bank to take the money out, the Romanian bank employees became suspicious. This suspicion bought us some time to convince the bank that it was our money and it had been stolen from us.
Ironically, as part of the great change Romania went through after the U.S.S.R. collapsed, the government worked on improving their justice system. Many US judges and lawyers helped them set up a better legal system, and that alliance between the US and Romanian legal systems later turned out to be very important to our organization and our desire to reclaim our money. Thus began the most important critical thinking process I have ever gone through.
Roy-ism: If the lack of critical thinking got you into the mess you are in, then it’s likely critical thinking is what it will take to get you out of it.
I immediately called our board chair to report the issue. We are a nonprofit organization and the board’s immediate responsibility was to hire an attorney to investigate the possibility that staff were involved in the theft. They asked me to report the issue to the local FBI office, which I did. My responsibility was to hire an attorney to help get the money back and a computer forensic specialist to find out how the theft happened, so we could plug our now obvious IT security holes.
I was ready to fly to Romania to talk to the bank before they released the money to someone else. However, one of the first things our attorney told me was that I could do nothing to try to get the money back. Quite often by the time people find out money has been stolen via wire transfer, the money has been transferred again and again. Because of this most people never get their money back.
The lawyer’s logic was solid but it was devastating to me. I felt totally responsible for the mess and wanted to fix it as quickly as possible. I felt responsible because the buck stopped with me no matter who had made a mistake. The minute they told me the money was gone, I realized I had not done enough critical thinking about managing or questioning our IT security. I had focused on other things. My effort in IT security was inadequate and I now knew it. I wanted to fix this. I wanted to get the money back.
Getting Our Money Back
One day, I was sitting at my desk in a state of total despair (seriously, I cannot tell you how horribly I felt). I believed FBI Headquarters could help get our money back (as they often do in these cases), and I wanted to call a connection I had there. With my attorney’s permission, I called my connection and told him the story, saying, “I believe the FBI could get our money back—something that rarely happens in cybercrime cases.” The FBI is a tightlipped organization that follows their policies fanatically, and as a result my connection said very little except suggesting that I call our local FBI agent. I smiled . . . I knew that’s what he would say, and told him, “I already did. Thank you for your time, sir.”
I felt better. For the first time I had a little hope. I was not sure the local FBI was equipped for this sort of thing. I had little faith in the bank. Meanwhile, I worked with our board’s attorney, who was investigating me and working with our board throughout the whole process. As it turned out, myself and our staff were found innocent.
I spent most of my time with the computer forensics specialists, who helped us plug our IT security holes. I was tortured by the fact that I didn’t think to go through this critical thinking process with cybercrime experts to develop our cybersecurity system before the money was taken. This is sadly a common occurrence. People wait until there is a problem and then go through an effective critical thinking process. Oddly, as was the case with me, a very limited critical thinking exercise of our IT security would have prevented the problem. With the assistance of these experts, we immediately implemented several changes to our network . . . any one of which would have prevented the problem in the first place.
Six months after the theft, my CFO and his assistant came into my office. This time they told me the money was back in our bank account. There was no email, phone call, or communication of any kind from the bank or anyone else . . . just a wire transfer to us from the Romanian bank containing all but about $18,000 of our money. Oddly enough, there was no feeling of joy whatsoever—I was still miserable about the whole thing. Then a couple years after the incident I ran into my connection at the FBI. He told me that the FBI was able to help get the money back, as it has done in many cases.