The Real Test of Leadership Comes When Things Go Wrong
In the world of utilities, we spend most of our time trying to prevent problems—building resilient systems, running maintenance, forecasting demand, and deploying automation. But no matter how prepared we are, there will be times when things go wrong. Storms will hit. Systems will fail. Threat actors will find a weak spot.
And when the power fails—literally or figuratively—the spotlight turns to the leadership team. For CIOs in utilities, those are the moments that define us.
I’ve lived through more than a few of these events over the course of my career, including major outages, cybersecurity incidents, and natural disasters. What I’ve learned is that technical knowledge alone doesn’t carry you through a crisis. It’s calm, cross-functional leadership, clear communication, and trust that make the real difference.
It Starts Before the Crisis Ever Hits
The most important work a utility CIO does in a crisis actually happens before the crisis begins. Building preparedness into your systems, processes, and culture is critical.
That means:
- Creating redundant systems that can take over if one fails.
- Running tabletop exercises and cyber drills with other departments.
- Establishing incident response plans with clear roles and escalation paths.
- Ensuring secure backups are maintained and tested regularly.
- Building strong relationships with regulatory agencies and emergency response teams.
You can’t plan for every scenario, but you can create a culture that’s ready to respond quickly, adapt to changing information, and communicate effectively under pressure.
When I worked at ERCOT, and later at Austin Water, we knew that even with the best planning, the unexpected would still happen. But we also knew that if we had done the work ahead of time—setting up real-time monitoring, strengthening our OT/IT integration, and training our teams—then we’d be able to act fast when it mattered most.
The CIO’s Role in the Eye of the Storm
When things go wrong in a utility, the CIO isn’t just managing IT—they’re helping manage the response. That might mean coordinating cybersecurity response teams, communicating with grid operators, advising executive leadership, or acting as the bridge between technical staff and public relations.
You’re in a high-stakes environment where clarity matters. Your teams are looking to you not just for answers, but for direction and tone. In those moments, quiet leadership is your greatest asset.
Panic spreads quickly. What your organization needs is someone who can assess the situation without drama, make decisions without ego, and communicate with confidence and humility.
I’ve found that during crisis response, three things matter most:
- Clear communication – Internally and externally. Be transparent about what’s known, what’s being done, and what’s next.
- Cross-functional collaboration – IT, operations, customer service, legal, and communications must work together seamlessly.
- Focus on service – Your mission is to restore service and protect people. Keep that at the center of every decision.
Cybersecurity: A Crisis That’s Often Invisible
Some of the most stressful crises I’ve been part of didn’t involve weather—they involved cyber threats.
Unlike a downed power line or broken water main, a cybersecurity incident is often invisible to the public until it’s too late. The system looks like it’s running fine—until it isn’t. And when a breach or compromise occurs, the consequences can ripple quickly across digital and physical infrastructure.
In one incident I managed, we detected unusual behavior in a SCADA-connected system. It could have been nothing—but we treated it as something. We immediately pulled in cybersecurity teams, began isolating systems, and ran threat assessments. Ultimately, it was a false alarm—but because we treated it with seriousness, we were able to avoid real damage and reinforce good practices across the organization.
As CIOs, we must make sure our leadership understands that cybersecurity isn’t just an IT issue—it’s a business continuity issue. It must be baked into every part of the organization’s crisis response strategy.
Communicating with the Public and Restoring Trust
Another critical role during crisis response is managing public trust. While PR teams usually take the lead, the CIO often provides the facts behind the updates—when systems will be restored, how much data was compromised, what fixes are underway.
One of the hardest parts of a public utility crisis is knowing that people are affected—families, hospitals, schools, businesses—and that your decisions are directly tied to their safety and well-being. That’s a heavy responsibility, but also a clarifying one. It keeps the mission front and center.
When systems go down, what the public wants most is honesty and action. They don’t need spin—they need assurance that the people in charge are competent, calm, and working with urgency.
After the Storm: Recovery and Reflection
The final phase of crisis response is one that too many organizations skip: the post-incident review. After the crisis passes, you have a short window of clarity and momentum. Use it.
In every major event I’ve led through, we’ve gathered cross-functional teams to debrief. What worked? What failed? What blind spots did we uncover? Then we turned that feedback into action—updating systems, adjusting response plans, and investing in new tools or training.
A crisis, while painful, is also an opportunity to get stronger. It reveals not just system weaknesses, but leadership gaps, communication breakdowns, and cultural fragility. Addressing those is how you turn a setback into a step forward.
Calm in the Chaos
When the power fails—literally or metaphorically—it’s not the loudest voice in the room that gets the lights back on. It’s the one that’s clear, steady, and grounded in service.
As a utility CIO, you’re not just managing technology. You’re managing trust. You’re leading people through disruption. And you’re doing it all behind the scenes—quietly, but powerfully.
That kind of leadership doesn’t always make headlines. But when it’s missing, everyone notices.