10 bad habits CEOs must break for business success

“CEOs and other C-level executives need to understand that leadership starts from the top,” said Mike Sanchez, CISO of UDT. “They can no longer stand idly by and not understand where their organization’s vulnerabilities are.”

10 bad habits CEOs must break for business success

CEOs face many challenges on the job. Here are 10 bad habits they must avoid to help their company maximize favorable outcomes.

March 8, 2018

By Alison DeNisco Rayome

The success or failure of a company—especially a startup—often falls on the shoulders of the CEO. This coveted position is responsible for creating company culture, modeling values, building a senior management team, delegating a number of other tasks, and increasingly, becoming tech-savvy enough to help their companies compete in an era of digital transformation.

Here are 10 bad habits that CEOs often fall into, and why it’s so important to break them, for the good of the company.

  1. Failing to say no

CEOs must stop saying yes to everything, including advice on how to run a business from people in and outside of the company, said Gavan Doherty, CEO and founder of 247meeting.

“It doesn’t have to be rude, only assertive,” Doherty said. “Not saying ‘no’ results in you either wasting time you don’t have in something you don’t believe in, or worse than that, damaging relationships with well-meaning friends and colleagues.”

You can handle unwanted advice by telling the person that you will look into their advice, Doherty added.

  1. Underestimating the cost of IT projects

The cost of implementing a successful IT program, especially within larger enterprises, is often much larger than the initial “ticket price,” said Felix Winstone, CEO of Talkative. Hidden costs arise due to staff payroll, the time invested, and opportunity costs, he added.

“The reason this bad habit is particularly dangerous is due to the immeasurability of the total cost of IT programs,” Winstone said. “Calculating per seat pricing or the total budget for a project is simple. But working out the cost of staff, the amount of time, and the possible investments that you are missing due to committing to this project, are all hard or near impossible to calculate.”

  1. Viewing IT as an expense instead of an asset

If you ask most CEOs if IT is an asset or an expense, many will say expense—a mistake that could shut down the business, said IT consultant Greg Scott.

For example, one company Scott worked with never backed up its email archives, and ended up spending $10,000 to rebuild the archives. Another would not spend money to figure out why Windows server patches failed.

“When IT is an expense and not an asset, CEOs won’t listen to advice and they invariably under-budget IT operations,” Scott said. “Most get away with it because IT is remarkably resilient. But Russian Roulette is a dangerous game and some CEOs pay dearly.”

  1. Delegating cybersecurity strategy without getting involved

CEOs need to stop fully delegating their cybersecurity governance, and move to become chief executive information officers, said James Goepel, vice president and CTO at ClearArmor Corporation.

This can be difficult for non-technical CEOs, but is necessary for keeping the company safe, Goepel said. The NIST Cybersecurity Framework can be helpful. “Many CEOs are simply burying their heads in the sand, delegating their CyberSecurity to someone several levels down the org chart,” he added.

“CEOs and other C-level executives need to understand that leadership starts from the top,” said Mike Sanchez, CISO of UDT. “They can no longer stand idly by and not understand where their organization’s vulnerabilities are.”

CEOs should do the following to keep their company as secure as possible, Sanchez said: Undergo regular cybersecurity training and awareness courses, measure their organization’s overall security posture at least once per quarter, conduct a risk assessment, and consider the risks to the business and the potential financial costs. They should also make sure proper security controls are in place to prevent a cybercriminal from impersonating the CEO and sending emails on their behalf, as well as request that their personal computers utilize encryption.

  1. Undermining diversity

While viewing others equally is part of being a successful business owner, it’s also important to understand the differences that separate employees, said Nate Masterson, marketing manager for Maple Holistics.

“Instead of viewing everyone as the same, try and focus on what special skills and experiences each marginalized group can offer,” Masterson said. “There is a reason why diversity is so important and companies who understand and incorporate this are earmarked for success.”

  1. Cutting corners

Many CEOs become engrossed with increasing short-term revenue, and lose sight of the big picture, Masterson said.

“For instance, shaving production costs or eliminating ingredients may yield more immediate income, but it can prove to be detrimental in the long run,” Masterson said. “A good CEO is able to see every decision in the big picture and make the tough calls to determine the best long-term interests of the company.”

  1. Working 24/7

Many CEOs are unable to shut off after work hours, said Alexander Lowry, executive director of the M.S. in financial analysis program at Gordon College.

“I end up working for hours when I get home often on things that aren’t urgent and important,” Lowry said. “These challenges can plague anyone who works on a close-knit team—not just founders—where a culture of camaraderie and mission-driven, eye-on-the-prize focus is a quick recipe for burnout. If overwork risks becoming a group activity, setting boundaries can be, too.”

  1. Looking to the latest IT fad to solve every problem

CEOs, especially at larger organizations, sometimes look to IT for solutions to all business problems, said Ramy Serageldin, co-founder and CEO of Honeyfi.

“As a result, they get enamored with the latest fad (AI! Blockchain! Big Data!), proclaiming that it will ‘save the company’ or ‘take it to the next level,’ without really understanding what the technology is for or its capacity to solve the core problems,” Serageldin said. “For most companies, technology is part of the solution and it is a CEO’s job to make sure that the different parts of the organization (Ops, Tech, Sales, etc) are working together to have a holistic solution.”

  1. Falling into common cybersecurity traps

CEOs tend to fall into several common cybersecurity traps, Sanchez said. These include sharing passwords with assistants, reusing passwords for multiple work and personal accounts, and uploading work-related material to personal cloud applications. CEOs are also often the first to click on malicious links embedded in phishing emails, and, due to time constraints, often skip cybersecurity trainings and awareness programs. “These are intended for everyone in the company to spot potential cyberattacks and how to properly notify the right people,” Sanchez said.

  1. Ignoring the importance of company culture

Failing to prioritize an organizational culture, or assuming culture will self- manage, is a major bad habit for CEOs to break, said Sam Gerace, founder and CEO of Convey.

“It’s common for a CEO to assume that the organizational culture will take care of itself, especially when things are going well, but by doing that they’re setting themselves up for failure in the long run,” Gerace said. “Aligned cultures can survive resource droughts, talent crunches, rapid and constant changes in the tech industry, and competitive onslaughts. Culture is the best predictor of high-performing teams and result in faster, more sustainable growth and increased team engagement and retention.”

The CEO also needs to drive the culture, and ensure they are not unapproachable or unreliable, said Brian Murphy, CEO of ReliaQuest. “The more human they are, the more engaged they are through digital mediums, training, videos, etc., the more human they become and the more they set the tone and example of what the culture of the organization should be,” Murphy said.

Accomplish More With UDT

Get your custom solution in cybersecurity, lifecycle management, digital transformation and managed IT services. Connect with our team today.

More to explore

Rethinking Cybersecurity: 4 Strategies to Protect Your Business

Discover how to shift your focus to safeguarding raw data in order to strengthen your security infrastructure and protect your business with these 4 strategies.

Your Guide To E-Rate 2023-2024: Application Timeline, Eligibility, and More

As COVID relief funding sunsets next September 2024, the Federal Communications Commission’s (FCC) annual E-Rate Program will become increasingly important for schools and libraries seeking to refresh and maintain their technology stack.

Switching to Windows 11? Then It’s Time To Upgrade Your Devices

Leverage the Windows 11 upgrade to refresh your devices. Discover 4 reasons why a full-coverage lifecycle management solution is key to long-term success.

Improve Remote Work Efficiency and Security With Endpoint Managed Lifecycle

Discover the benefits of Endpoint Managed Lifecycle, which include enhancements to your IT performance and security in remote work setups.

Your Business Needs To Make The Switch to Windows 11—Here’s Why

Technology drives business performance. Delve into why transitioning early to Windows 11 is smart for your business and how it can raise your competitive edge.

5 Reasons Why Every Business Needs A Managed IT Services Provider

Discover the ways Managed IT Services can optimize your business processes, foster sustainable growth, and ensure future readiness.

Experiencing a security breach?

Get immediate assistance from our security operations center! Take the following recommended actions NOW while we get on the case:


  1. Determine which systems were impacted and immediately isolate them. Take the network offline at the switch level or physically unplug the systems from the wired or wireless network.
  2. Immediately take backups offline to preserve them. Scan backups with anti-virus and malware tools to ensure they’re not infected
  3. Initiate an immediate password reset on affected user accounts with new passwords that are no less than 14 characters in length. Do this for Senior Management accounts as well.

Just one more step

Please fill out the following form,