Boeing (BA) reported its first annual loss since 1997 as 737 MAX costs approach $19 billion. However, shareholder value losses have been far greater, losing about 25% of value since the March 2019 Ethiopian Airlines crash. The company is now in the midst of complicated and potentially costly compensation talks with airline customers like American Airlines. These customers have felt the direct effects of the MAX grounding and believe that BA, not their shareholders, should be on the hook for the crisis.
Two issues stand out to us: the role of cyber governance and the lack of transparency around it. As countless reports have documented since last year, BA crashes and the ensuing crisis were precipitated by a new flight-control software system. BA admitted that the new flight-control program, interacting with bad data from the planes’ external sensors, had in both cases (Lion Air and Ethiopian Airlines) pushed the jets into an uncontrollable nosedive. In other words, the problems stemmed from poor cyber governance that itself appears to be a byproduct of larger governance problems at the company. The crisis brings into focus the reality that the airline sector is increasingly reliant upon digital code in new aircraft. Software development is as critical to the safety of an airplane today as the functioning of its jet engines. A Bloomberg report in June found that BA outsourced the development of the code to $9-an-hour temp workers from tech firms HCL Technologies and Cyient Ltd.—a decision that appears to have been driven by cost-cutting.
Such a crisis caused by digital code is not a new issue for the sector. In 2009, the cause of the Air France 447 crash was the transmission of false data from an IoT sensor that failed due to icing.
The crisis makes clear that BA’s success or failure is as reliant upon the effective management of digital technology as any company in the world. Considering the key role that poor cyber governance played in creating the crisis, BA failed to successfully navigate what Cyberhedge calls “the Trilemma”—balancing growth, cost, and security (in this case safety). Cost-cutting was a contributing factor in putting out a flawed product that led to a tragic loss of life. Looking beyond BA, the problem moving forward for investors across the board is a lack of transparency on cyber governance—the financial impact resulting from how companies manage the operational risks of their technology investments. The answer lies in finding the right mix of better regulation and appropriate market solutions.