Resolving the Normalization of Deviance by Building a Culture of Communication

Building a Culture of Communication

Real-time monitoring and corresponding alerts are critical for maintaining the performance and security of today’s complex cloud infrastructures. Given the exorbitant amount of data effective network monitoring can produce, however, a troublesome problem often occurs: organizations and their Security, Operations and Development teams start to develop a normalization of deviance.

What’s a Normalization of Deviance?

A normalization of deviance is an incremental and gradual erosion of normal procedures, and it can lead to dire consequences. The explosion of the Challenger space shuttle in 1986 is, unfortunately, an infamous example of a normalization of deviance (and the resultant investigation is where Diane Vaughn developed this theory). NASA had been testing the limits of the joints on its solid rocket boosters and found they weren’t behaving as expected. Rather than halting the development process and dealing with the booster errors head on, NASA chose to accept the problem and move forward with the launch. This normalization of deviance led to the Challenger tragedy, as it was later confirmed that the O-ring gaskets on one of the problematic boosters were responsible for the disaster.

Cloud Disaster Recovery

The lesson to learn here is that the normalization of deviance stemmed from an organizational failure at NASA at the management level. It’s also a common occurrence amongst fast-growth technology companies and enterprises that are rapidly Scaling their cloud-based infrastructures and adapting their architectures to changing business needs. In these settings, more tools are required to monitor infrastructure as the business grows and evolves and compute needs adapt to keep up. With more tools come more data and alerts, and as a result, operators have to balance the signal-to-noise ratio to ensure their teams can focus on the most important inputs.

The Harmful Effects of Burnout

With alerts coming in from a variety of different systems and tools, Security, Operations and Development teams can sometimes feel as if they’re at an obnoxiously loud party, with dozens of people having different conversations about different things at the same time. Without a systematic approach to compensate for this chaos, these teams can become desensitized, so that even when the system flags a truly anomalous activity, the alert may get ignored.

Burnout can lead to longer response times, create an unmanageable volume of technical debt, and generally have a negative effect on a company’s workforce. Team members who are struggling to keep up with never-ending alerts can experience anxiety, sleep deprivation, cognitive impairment and even increased blood pressure or headaches. A normalization of deviance and resulting burnout can also lead to a lack of interest in solving problems or helping customers, and as a result, negatively impact company culture.

A helpful way to determine if there’s a normalization of deviance in your own company is to watch how existing team members interact with new hires. When a new hire asks about an incoming alert, does your team brush it off and dismiss the problem as nothing to worry about? If so, your team has likely developed the habit of accepting bad practices as normal. This happens. It’s not a reason to upend everything, but a signal that leaders need to discover early and begin corrective action.

How to Prevent Desensitization

Chef CTO Adam Jacobs directly addressed burnout at the 2016 ChefCon: “We should make a conscious and intentional choice to build the future we want to be a part of, with our technology and culture.”

The most effective and long-lasting way to prevent a normalization of deviance from permeating your company and Security, Operations and Development teams is simply to communicate more and ensure those teams are empowered to enact change in their tools and process where needed. The fatigue and numbness that can result from a normalization of deviance is usually easier to spot in others than in ourselves, so be on the lookout for team members who may be struggling. Have burnout and personal health be a regular topic of discussion in one-on-one meetings, and make sure everyone is transparent about how current business goals or customer demands are physically and mentally affecting different teams. Perhaps most importantly, recognize that combating the normalization of deviance requires continuous effort. It’s not a task you can check off and then ignore.

Fast-growth technology companies and their Security, Operations and Development teams are all focused on moving at warp speed, building new cloud-based features and making sure complex platforms scale. But it’s equally important to prioritize building a culture of communication, honesty and improvement in order to catch and prevent a normalization of deviance before it sets in. This negative behavior pattern needs to be addressed, not tolerated, to ensure your company’s security defenses remain ahead of any adversaries’ offensive maneuvers.

By Chris Gervais

Disaster Plan.png
Holiday Photos.png
It’s Magic
The Manuscript.png
JK Chelladurai
Maintain telecom tax compliance The Telecommunications industry is one of the most heavily taxed service industries. In countries such as the United States, providers have to keep on top of Federal, State, and District taxes, ...
Rahul Subramanyam
Fixing AWS: The CloudFix Story A conversation with Rahul Subramanyam. CEO at CloudFix, and CTO at ESW Capital AWS is huge, but it’s not perfect. Because of its size and its approach to innovation there ...
Louis
Bottom Line: Every business needs to resolve in 2022 to treat cybersecurity as a business decision first because the risk to operations and revenue are too great if they don’t. Any cybersecurity prediction for 2022 will ...
Crozdesk Business Software
B2B SaaS Comparison Platforms B2B SaaS Comparison Platforms are designed for buyers looking for additional information on a particular vendor and service. These sites help ease the complexities for buyers by providing a detailed breakdown ...
Dmitry Chekalin
How Much Should a Modern Website Cost? A website is a valuable instrument for growing your business. Your website presents your brand to users. Also, it compels your prospects to become your customers. So, how ...