Members of the 2018 NACD Blue Ribbon Commission challenged directors to improve situational awareness in the boardroom. Among other recommendations, they urged board members to keep finding ways to tap into fresh, unconventional thinking in order to improve oversight of the risks and opportunities posed by disruptive forces and events, including, but not limited to, the seismic shifts in the way we live and work that are being accelerated by new and emerging technologies. CES®—“the largest and most influential technology event on the planet . . . [and] the proving ground for transformative tech”—is essentially a one-stop shop where directors can gain that situational awareness.

CES® veterans, including a cochair of the 2018 Blue Ribbon Commission, have several tips for fellow board members about how to get the most out of the event:

• Step outside of your industry. In an NACD poll of public- and private-company directors earlier this year, over 60 percent of respondents said their boards’ tendency to focus on known risks (those that management has already identified) is a significant barrier to understanding and overseeing disruptive, atypical risks, including those related to new technologies. Kathy Misunas, a director at Boingo Wireless and Tech Data Corp., had this to say about her attendance at CES® in 2018: “Even if you are not affiliated with what is considered a consumer business, you do serve customers [who] will continue to expect innovation. . . . One of the benefits of being at CES® is being away from daily routines and taking the opportunity to observe and just let your mind cogitate [on] the possibilities.”
• Use the power of peers. Says Jeff McCreary, board member at Benchmark Electronics, “CES® can be an overwhelming show, so attending with a group that is focused on what matters most to you makes it worth it. . . . The opportunity to network with peers is invaluable.” NACD’s CES® Experience program is designed for directors and features small-group tours and debrief sessions where attendees can discuss what they have seen and learned with fellow board members.
• “[Don’t] be afraid to ask the dumb questions.” According to Maureen Connors, board member at Fashion Incubator San Francisco and a former director of Deckers Brands, that’s “the best advice I’d give to anyone coming to CES®.” Kelvin Westbrook, a director at The Archer Daniels Midland Co, Camden Property Trust, Mosaic Co., and T-Mobile and cochair of the 2018 NACD Blue Ribbon Commission, agrees. “While touring the large exhibition floors, there are ample opportunities to interact with, ask questions of, and hear points of view from leaders [making] technological advancements happen. These perspectives may differ from those discussed in the boardroom setting.”

The 2018 NACD Blue Ribbon Commissioners asked board members to reflect on this question: “Am I as personally prepared as I need to be to tackle the responsibilities of a director in the current business environment?” Says Westbrook, “Director education needs to go beyond the boundaries of the boardroom. By taking the opportunity to see a wide variety of new technologies and innovations firsthand, we will be better informed to participate in discussions and better able to appropriately challenge management—and fellow directors—about whether our organizations have the skills, agility, and nimbleness to respond to what’s coming.”

Learn More

Kathy Misunas shares additional details about her time at CES® 2018 in this NACD blog post. Read more NACD blog coverage from our 2018 visit to CES® here, and watch video highlights from Day 1, Day 2, and Day 3. Registration details for NACD’s 2019 CES® Experience program can be found here. Visit www.NACDonline.org/disruption for more findings and recommendations from the 2018 Blue Ribbon Commission.

Simon Parkin, Founder of The Talent Company, A Career Partners International Firm (CPI), has over 20 years of diverse recruitment and talent management experience.  As a CPI Partner, The Talent Company has provided Toronto, Canada with global expertise in talent development and career transition services.  Simon’s team has developed a system to Find, Keep, Reward, and Transition an organization’s employees.  Now Simon has put pen to paper to share his recruiting specialties in his new book Hiring Right, on shelves December 4^th.

None of Hiring Right is theory or blue-sky thinking. Throughout the book examples—some inspirational, others cautionary— are drawn from daily life at organizations around the globe that Simon Parkin and his team have worked with. Simon’s hope is that you will find yourself thinking “a-ha!” at various points, nodding in recognition at others, and highlighting, underlining, and scribbling notes in the margin in every chapter.

“Simon Parkin is a true influencer of our time with his common-sense approach towards talent acquisition.  Any HR or business leader who is serious about propelling their business forward by improving candidate quality, new hire experience, and increased bench-strength of existing human capital, needs to read this book.”  Annamaria DiCesare, National HR Leader of a Global Financial Services Organization

As a special pre-order thank-you, CPI Partners and clients have access to 20% pre-order discount on Hiring Right.  Enter code “TalentCo20” at check out.  Hiring Right is available at Thetalent.co.

The post Turn Recruiting Into Your Competitive Advantage appeared first on CPIWorld.

Envisioning a company’s future is hard and imprecise work. But it’s increasingly clear that dedicating time to think about the future is vital to navigating the disruptive risks that are shaking up industries and upending business models.

During the NACD Lead Director Symposium, sponsored by the KPMG Board Leadership Center, we explored the topic of disruptive risks—such as technological innovation, the Internet of Things, the digital economy, demographic changes, and ecosystem changes—that may threaten the core assumptions underlying a company’s strategy and business model. Approaching the topic from their perspective as board leaders, some 80 lead directors and independent chairs discussed the challenges they face as they lead their boards in helping the company identify and assess disruptive risks and as they prepare to calibrate strategy and change course as needed in an increasingly disruptive business and risk environment.

One of the important insights we heard was an articulation of the key challenge that these disruptive risks pose for boards today: obtaining a view or picture of the future and how that future may impact the company’s strategy. What will the business or industry look like one, three, five, or more years from now? What will be the impact of these disruptive forces on the business or industry, and what risks will these forces pose to the company’s strategy? By gaining a better understanding of the future of the business—the risks and opportunities—boards are better positioned to provide oversight and guidance on the company’s key governance activities: setting and calibrating strategy, monitoring execution, and managing strategic risks.

Our dialogue with the lead directors generated a number of practical suggestions—echoing several of the recommendations made by the Report of the NACD Blue Ribbon Commission on Adaptive Governance: Board Oversight of Disruptive Risks:

Encourage the board, CEO, and senior management to develop an understanding of the disruptive risks that threaten the continuing viability of the assumptions underlying the company’s strategy and business model. What are the most critical assumptions underlying our strategy? What disruptive forces have impacted our industry or adjacent industries, and what lessons can we learn?

Make clear that it is management’s job to educate the board about these disruptive forces and the risks they pose to the company’s business model and strategy. What information does the board receive from management about disruptive risks? Do their reports provide a forward-looking view of changing business conditions and potential risks? Who takes part in the discussions about disruptive risks? Are outside perspectives being heard?

Insist on an assessment of the company’s ERM (enterprise risk management) processes, with a particular focus on how these processes help the company to detect and assess early-warning signals that may indicate disruptive risks on the horizon.

• Does management have regular, systemic mechanisms in place to accelerate the pace of detection of early-warning signals? Do we have people from outside, who bring very different experiences and perspectives, involved in the process?
• Do we engage expert partners to scan for subtle indicators of change, and to provide trend analyses?
• How can we enhance our risk prediction and scenario-planning capabilities?
• Do management and leadership have the talent, skills, and training to manage disruptive risks?

With committee chairs, reassess board and committee structure and processes for overseeing disruptive risks.

• While the full board has responsibility for overseeing strategic risks—and disruptive risks are generally strategic risks—board committees have important oversight responsibilities as well. And committees can bring increased focus and attention where required. Which board committee has responsibility for overseeing each of the disruptive risks management and the board have identified as posing a threat to core strategic assumptions?
• Which committee should oversee management’s ERM processes generally—and particularly the adequacy of ERM processes to help the company detect and assess early-warning signals that may indicate disruptive risks on the horizon?
• Is ample committee and board agenda time devoted to disruptive risks?
• How does the board stay abreast of company and industry developments between board meetings?

As part of the board evaluation, assess whether the board has the “right” composition and culture (in addition to the “right” structure and processes) to provide effective oversight of disruptive risks.

Gaining a better understanding of the future—and the potential impact of disruptive forces on the business and industry—won’t enable the board and management to predict or prevent all disruptive risks, but it will provide greater agility and help position the organization to effectively manage and respond to disruptive risks that do arise.

Dennis T. Whalen is leader of the KPMG Board Leadership Center.

Career Partners International (CPI) is pleased to announce that Learning Dynamics has met the rigorous qualifications to become a CPI firm, bringing their expertise and strong reputation in the Hartford, Connecticut region.  CPI has over thirty years of outplacement and talent development experience, inviting into the global CPI Partnership only those firms who meet our high standards of quality coaching services and client engagement.

“It is our pleasure to welcome Learning Dynamics to Career Partners International.  At CPI we take pride in offering the world’s most effective talent development and career transition services.  Learning Dynamics’ coaches have decades of real-world experience and are proven to meet and exceed our high delivery standards.  They partner with their customers and take the time to understand their unique needs, making them a perfect fit for our organization,” says Doug Matthews, President and CEO of Career Partners International.

Learning Dynamics takes a flexible approach to talent development by offering customized programs in formats that best fit their clients’ workplace.  This high-tech, high-touch approach mirrors CPI’s approach to coaching.  “We are delighted to have been selected as a CPI partner firm.  Our team is very much looking forward to collaborating with the CPI staff and the other firms who are part of the CPI family,” said Jim DeMaio, President of Learning Dynamics.

The post Learning Dynamics Joins Career Partners International to Elevate the Talent Development and Career Transition Market in Connecticut appeared first on CPIWorld.

It’s one thing to know the status of your organization’s cybersecurity defenses, and quite another to know whether they’re enough to protect your business on the virtual battlefield. You can’t prepare a real-world security posture without knowing these three things:

• Where your company stands in relation to your industry peers;
• How your defenses have improved (or not) over time; and
• Which emerging threats are rising.

In other words, context is everything.

Most organizations focus their cybersecurity reporting on tactical matters, such as how much money has been spent, how the dollars were invested, goals that have been met (or missed), and how many threats have been identified and neutralized. While those data points are meaningful to those who are on the cybersecurity front lines, additional data inputs are necessary for board members to understand the business implications of the company’s cybersecurity posture.

When you begin asking the organization you oversee to provide the kinds of benchmarking context outlined above, you may find executives are challenged to give you the answers you need to make informed decisions.

The Answers You Don’t Need

Below are two typical responses you might receive when asking how you stack up against your peers’ security practices, and why they fall short of delivering the context you need.

1. We patched X number of vulnerabilities. While it is always important to know the organization is keeping patches up to date, this information alone won’t give you the full picture of where the organization stands. You need to understand if your critical assets are protected against threats that are currently in the wild—that is, being actively utilized by bad actors.
2. We have everything secured in the cloud. Keeping applications patched and updated is your organization’s responsibility, not the cloud provider’s. Therefore, it’s incumbent upon directors to ensure they have access to ongoing comparative studies. Directors should ask for studies comparing the security of cloud versus traditional assets, year-to-year security progress, and compliance with regulations governing privacy and security, such as the EU General Data Protection Regulation. While receiving assurances that security measures exist in the cloud is nice, this alone tells you very little about how secure your company—and its vendors—happens to be.

The Answer You Need 

“Here is our report on our security progress over the past three years. This shows how we are remediating the most dangerous vulnerabilities on our most critical assets. We’re now able to predict in advance which vulnerabilities are likely to be attacked and deploy our resources accordingly. We can track the progress different regions and business units are making in reducing their cyber exposure. Plus we have insight into how our cyber exposure compares with industry peers.”

This is the answer you seek. It gives you the detail and context you need to make informed decisions about your organization’s cybersecurity strategy.

The only way you’ll know if your security efforts and investments are paying off—or if your company has just been lucky—is to measure your progress. It’s vitally important to measure the state of your cybersecurity investment and policy by business unit, geography, and asset type. Security progress reports are best when they’re updated regularly. Your company’s cyber exposure will change over time due to a variety of factors, including mergers and acquisitions, changes in business models, and the deployment of new technologies. In other words, everything changes fast and your progress reports need to keep pace with organizational change.

Benchmarking will show you where your company stands in comparison to industry peers. If a comparative ranking with industry peers finds you in the bottom quartile, you probably need to commit more budget and resources to come up to industry standard and achieve average protections. If your company ranks in the top quartile, you likely don’t need to increase your budget or buy much. The point is, your decisions should be based on data and not a guess.

Want to learn more about understanding vulnerabilities in the context of business risk? Read the Vulnerability Intelligence Report from Tenable Research.

Leading organizations realize that providing outplacement services shows respect to their former employees, improves retention and engagement with those who remain, and protects their employer brand.  I have yet to meet a decision maker who is not concerned with how business decisions, such as mergers, acquisitions and downsizings, affect their people, making outplacement programs even more valuable.  But, more and more, the conversations about outplacement are centered on the inability to evaluate an appropriate provider.

Outplacement is not a one-size-fits-all service. To ensure a proper fit for both company and vendor, consider the following questions:

What services are provided? Having a knowledgeable professional to partner with and to help guide your employee through unfamiliar territory can greatly reduce his or her search time if the consultant is offering more than talk therapy. Ask about help with resumes, LinkedIn, creating a professional brand, networking scripts, interviewing, job search strategy, career change, starting a business, etc. Ask the potential firm if there will be group sessions, classes, webinars, and trainings as well.

How are services delivered? Many career transition firms are moving to a mainly virtual platform. Virtual coaching can be beneficial for rural workers who don’t have easy access to a coach, and these services are typically are less costly. But, if you are outplacing more seasoned workers or if your exiting employees have not utilized a high-tech platform in their roles, the virtual platform can be intimidating and anxiety provoking. Make sure that the services will be delivered in a way that is familiar and comfortable for your exiting employees.  Most workers find major benefits to direct interaction with their coach.

What are the coaches’ backgrounds? Your exiting employees are diverse. You’ll want to choose a firm that offers a diverse and relatable coaching bench. Ask about the firm’s talent. Are they certified? Do they understand your industry? Are they geographically located in a way that allows them to have knowledge about your employees’ target markets?

Does the firm have connections? Connections are critical to the job search process. Your exiting employees will be encouraged to network. Ask questions to determine if the firm can offer connections to recruiters, hiring managers, and decision makers. Survey the tools, technology, and employees to ensure that you are putting your exiting employees in the best possible position to secure their next roles.

Do you want a vendor or a partner? Choosing an organization to handle your outplacement needs is like deciding on car insurance. Some of us just want the bare minimum, and some of us want comprehensive coverage. If you’re asking what the very least amount of coverage looks like, there are companies that will partner with you in that way. If you are looking for a partner who knows your needs, goals and values and will provide comprehensive care in planning, delivery and reporting of your career transition services, you will find organizations that will provide you that level of service. In evaluating providers, you should consider your end goal.

Choosing an outplacement provider should be done with care. Simply reviewing a proposal may not give you all of the information that you need to enter knowledgeably into a contract. Your potential provider should take time to meet with you, answer the above questions and thoroughly understand your needs. You may find it beneficial to reconnect with your current advisor and reassess the relationship on an annual basis. Remember that the level of service that the provider offers can impact your relationship with your employees and your consumers. Choose wisely!

Written by Andrea Holyfield, Consulting Manager at CPI Partner Warren Averett Workplace

The post Five Questions to Ask When Considering an Outplacement Provider appeared first on CPIWorld.

To stay competitive and relevant in a rapidly changing business landscape, organizations in every industry must navigate an increasingly disruptive, technology-enabled environment. Companies that do not address and embrace new and emerging technologies will be less competitive or may even face obsolescence. Netflix and Uber Technologies disrupted traditional business models by rethinking the way in which service delivery occurred, tapping into new technology capability to empower customers.

Given these challenges to companies, what does innovation mean in this era of digital transformation? Innovation now involves finding the right problems worth solving; building new offerings, business models, and experiences; and generating value at scale for customers.

Furthermore, the rapid digital transformation of advanced technologies such as blockchain, robotic process automation (RPA), and artificial intelligence (AI) now portend similar effects in industries from financial services and healthcare to communications and manufacturing. Boards must become knowledgeable about these digital disruption trends in order to be able to conduct meaningful oversight that management can use successfully as the company embraces new technologies.

Advanced digital technologies bring with them both opportunities and challenges for boards. Consider the following strategies when the organization evaluates or adopts any new, potentially disruptive technology:

• Overcome technology anxiety. Directors and executives who either lack knowledge of disruptive technologies—or lack confidence in their knowledge—stand to allow their companies to lag behind or fall into a state of stasis. This is something no organization can afford in this age. Management can feel threatened or uncertain about jobs surrounding the adoption of advanced technologies. Concerns can arise around the lack of historical evidence and case studies to demonstrate the technology’s value. Management must be confident and equipped to explain how the tools will support the existing workforce, rather than cannibalizing their talents. To support this mindset and approach, the board needs to support and approve major policies focused on empowering management with knowledge around advanced technologies.
• Reduce fragmentation while achieving enterprise-wide consistency in adoption. Organizations tend to assign value and evaluate impact as disconnected activities. In a world where value is created by technology across the enterprise, value and impact should be assigned as part of a cohesive business strategy that embraces advanced technology. Neglecting to do so creates knowledge and skills gaps between teams, causing inefficient business processes and ineffective or sporadic performance, rather than fully functioning, optimized operations. Boards must go beyond fiduciary responsibilities to take a more active role by challenging management constructively on how new technologies fit into the overall organization’s strategic plan.
  Management may focus too narrowly on addressing a problem through technology for a small group of individuals and lose sight of the larger application of the technology, resulting in a varied impact across the organization. The board can provide clear guidance and ensure balance by reinforcing a consistent, enterprise-wide, business-change approach to technology adoption.

• Manage the pace of technological change. The adoption of advanced technologies demands teams that are agile in nature. This process can potentially leave legacy business units behind. For example, blockchain technology can be used to identify the location of any transaction, file, entity, or product at any given time. However, information changes in a data-driven age, expanding quickly and exponentially, which can have a cascading impact on how the organization currently uses the technology. Digital technologies demand organizations to be both agile and adaptable to the new ways of doing business. The board must promote digital innovation when it comes to doing things faster, better, and more efficient. The board must also monitor the pace of innovation to ensure the organization can best manage the change while meeting strategic objectives.
• Define evolving responsibilities and accountabilities. Adoption of advanced technologies can create knowledge gaps and roles changes. For instance, when an organization implements RPA for a particular process, the digital resource (robot) and the human workforce each may have responsibilities to support or execute an element of the process. In order to provide sound oversight of the changes to a business unit, the board must ask management for clearly defined roles, responsibilities, and accountabilities affected by or involving an advanced technology’s adoption and use.

While the board isn’t tasked with the hard work of managing through digital transformation, its members must be cognizant of the policies and decisions made to ensure they aren’t driven by legacy assumptions. Directors must ask the right questions about the technology as well as the broader questions about the company’s information technology (IT) strategy. This, in turn, requires that board directors, senior management, and IT use a shared language to discuss IT performance. Deeper board involvement can serve as a mechanism to cut through company politics and focus management on the large, integrated technology investments needed as digital weaves ever further into the fabric of today’s businesses.

Waqqas Mahmood is director of advanced technology and innovation for the advisory, tax, and assurance firm Baker Tilly.

Executive search professionals hold multiple conversations on a daily basis. But, by using improv, how can we better connect, prepare for, and engage in order to maximize every exchange and relation?

A large part of corporate governance is ensuring that management and shareholders are kept abreast of the financial decisions of the company…

As the pace of innovation pushes business to move faster, companies are increasingly moving more of their information technology (IT) infrastructure into the cloud. Cloud services allow IT departments to scale and leverage specialized software as a service (SaaS) offerings. But what does this mean for security?

In a recent report from Gartner, executives cite cloud computing as a leading concern for risk. The executives surveyed fear data loss and data breach due to unauthorized access or downtime on the part of providers. However, business leaders also find the benefits of the cloud far outweigh any perceived disadvantages, contributing to double-digit year-to-year growth in cloud services, according to Gartner. Indeed, for some companies, a move to the cloud is integral to staying competitive.

Keeping the benefits and challenges of the cloud in mind will help board members best prepare relevant questions for chief information security officers (CISOs). This, in turn, will ensure that your company maintains a strong security posture around cloud services.

Benefits of the Cloud

Economies of scale, specialized expertise around particular solutions, speed to market, and many other benefits have contributed to the cloud’s rapid growth. The benefits include:

• Flexibility. The cloud offers the ability to scale infrastructure according to need without large capital and operational expenditures. In other words, companies don’t have to buy new servers and maintain them and their environment to increase capacity, or keep them around when they aren’t needed anymore.
• Affordability. Cloud services provide a low cost of entry for new functions, making it possible for companies to try new processes and business models, running experiments with a smaller upfront investment.
• Talent. The hardware and security components of the IT stack used by cloud service providers are often maintained by top talent in the industry. For example, Amazon Web Services (on which many providers depend) recruits some of the best talent in the world for its data centers and security operations centers.
• Speed. This includes both quicker implementation and quicker updates. New functionality gets rolled out through SaaS solutions faster using fewer internal resources. The software update process is also handled by the vendor, requiring little to no effort from the customer.
• Interoperability. Integrating disparate SaaS solutions is usually simpler than integrating on-premises solutions.
• Protection. Because cloud services reside in remote locations—and have backups—separate from the companies using them, they help protect data from natural disasters and other local events.

Challenges of the Cloud

Despite the advantages, however, cloud services do come with risks. These spring from services being hosted separately from a customer company’s own IT and security infrastructure. The risk factors include:

• Shadow IT. The very ease and speed of implementation for cloud services lead to one of the risk factors. Software acquired by groups making their own purchases via credit card runs the risk of bypassing the security team, as do cloud-based apps created by those groups.
• Black box syndrome. Services using proprietary systems may or may not meet best security standards while remaining opaque to scrutiny by in-house security teams.
• Outages. Cloud services may also go down, rendering data and important functions unavailable at crucial times with no control over corrective measures.
• Fragmentation. More systems, applications, and instances mean less expertise for any individual system, thereby increasing management complexity.

Managing the Risks

Companies can mitigate the risks associated with moving to the cloud with the right approach. Ask your CISO: “Are these in place at our company?”

• Vendor assessments. Are we interviewing cloud vendors to ensure robust security on their end? Are we interviewing a representative sampling of some of their customers to verify past performance?
• Hybrid cloud-and-premises systems. Cloud services may go down, but local redundancy can help. Do we use hybrid systems that maintain local backups and functionality for critical systems?
• Checks and balances for the shadow IT. Are we flagging or preventing purchases of cloud services so security staff can evaluate them before trusting important data and functions to them?
• Regulatory compliance. Are we taking full responsibility for and ensuring compliance with regulations even when using outside systems (for example, through enforceable language in our contracts with vendors)?
• Trust maintenance. Are we prioritizing our relationships with customers and suppliers rather than letting these relationships suffer at the expense of moving quickly?

Cloud services offer many benefits. As Gartner reports, the cloud “has become a solution for issues that have plagued organizations and overtaxed IT departments for years.” If boards ask their CISOs the right types of questions in the evaluation process, they can consider and mitigate the risks and address any concerns. This will allow their companies to move functions and data to the cloud as securely as possible.

Corey E. Thomas is CEO of Rapid7. Read more of his insights here.