What Senior Leaders in Energy Are Actually Worried About

I asked senior leaders in energy and critical infrastructure five questions about how decisions really get made in their organizations. The responses were specific, candid, and in some cases uncomfortable.

This is not comprehensive research. It is early signal. But the patterns are sharp enough to share.

The AI Trust Gap Is Real and Growing

Multiple people raised the same concern independently: AI outputs are being treated as validated facts when they have not been put through the same rigor as traditional analysis.

One leader described it as a gap between clearly validated facts and information extracted from AI tools that have not been put under the same level of validation but are sometimes shown with the same degree of hardness.

Another said: We know AI makes mistakes and hallucinates, and that can clearly be dangerous when we are making critical risk-based decisions. We must still heavily test and verify any AI outputs.

This is not technophobia. These are people using AI actively in their work. The concern is about organizational discipline eroding faster than the technology is improving.

The question is not whether to use AI in risk functions. The question is whether your organization has the discipline to use it without breaking things that already work.

A third respondent laid out a clear framework. AI is excellent for processing narrative safety reports and stress testing investigation thinking. It is not ready for rewriting safety policies or making critical design decisions without heavy human oversight. The problem is that organizations are not making that distinction consistently.

What ties these responses together: the people closest to the risk see the gap. Leadership often does not. And the gap is widening.

Stated Process and Actual Decisions Do Not Match

Organizations have formal risk frameworks that leaders say they follow. But when pressure hits, those frameworks get overridden. Respondents described company-wide QCDSM (Quality, Cost, Delivery, Safety, Morale) and SQDC process (safety, quality, delivery, cost) in that order. In practice, delivery and cost go first. The stated priority is quality/safety. The actual priority under pressure is schedule.

Another talked about teams over-indexing on financial impact rather than safety impact when the stated priority is the opposite.

The problem is not that the frameworks are wrong. It is that leadership behavior under pressure teaches the organization what actually matters. And it rarely matches what the policy says

Leadership behavior under pressure is the real policy. Everything else is aspirational.

One response captured the dynamic clearly: If QCDSM / SQDC is the company-wide process to follow, executive leadership needs to consistently follow it as well even when inconvenient at times to their priorities.

The gap between stated values and actual behavior is not subtle. The organization sees it. And it shapes every decision downstream.

The Risks Being Underweighted Are Structural, Not Exotic

When asked what risk their organization is currently underweighting, no one said cyber threats or geopolitical instability. They said:

• Decision overload and digital noise overwhelming leadership bandwidth

• Execution capacity. The organization cannot scale fast enough to handle the volume of work coming through

• Process compliance mistaken for actual risk management. Teams checking boxes on regulatory requirements without understanding the intent

• VUCA externality (volatility, uncertainty, complexity, ambiguity) that do not fit traditional scenario planning models

These are not the risks that make it into board presentations. They are the ones grinding daily operational effectiveness down while everyone is looking somewhere else.

One leader said it directly: The biggest risk is the constant barrage of digital noise we face. I get 100 emails, texts, mailings, and problems in a given day. This mires progress in dealing with things that waste my time and create no long-term value.

Another described teams risk-assessing whether or not to comply with external regulations that are mandatory. We are missing the point of both the regulatory requirement and the risk management process, over indexing on the process over the intent.

The unglamorous structural risks (decision overload, execution capacity, compliance theater) are the ones actually breaking organizations. And they are almost never in the risk register.

The Leadership Culture Problem No One Is Naming

The sharpest response came when I asked what leaders would change about how their teams make decisions under uncertainty.

One answer stopped me:

Do the right thing, not the politically correct thing. Put the integrity back into the decision-making process. Too much group think. Teams assuming that the right mitigation will not be approved, so they do not even present it. We also place too much emphasis on whether the risk scenario has actually happened to us recently, rather than considering the presence and effectiveness of controls and safeguards that are actually preventing it.

Read that again. Teams are not presenting the right mitigation because they assume leadership will not approve it. That is not a risk management problem. That is a trust problem. And it is cultural.

Another leader said it this way: Trust your team to educate leadership on forming a solid basis for decisions. Follow the facts and the qualification and quantification of impacts.

The gap is clear. Senior teams know what needs to happen. They do not believe leadership will support it. So they do not present it. And the organization slowly optimizes for what gets approved, not what is right.

What This Means

These are not statistical findings. This is qualitative signal from people operating at a senior level in complex, life-sustaining organizations. The patterns are too consistent to dismiss.

The AI trust gap is real. The stated vs actual process gap is real. The underweighting of structural, unglamorous risks is real. And the leadership culture problem, teams self-censoring because they assume the right answer will not get approved, that is the through-line connecting all of it.

Most advisors treat risk, change, and delivery as separate disciplines. The problems that showed up in these responses live exactly where those three things collide. That is also where the fixes are.

If this reflects something you are sitting with, I am happy to think it through with you.