If you attended last year’s NACD Global Board Leaders’ Summit, you already know that mushrooms really are the new plastic. When Ecovative President and CEO Eben Bayer told an audience of 1,200 directors how his company could change the future of packaging during last year’s Future Trends:Short Takes on Big Ideas, we’re not sure he even believed IKEA would be knocking on his door a mere six months later.
From future trends to big ideas, big data to getting your next board seat, leading through disruption to breaking through bias, the agenda for our largest event of the year is designed with one major thing in mind: keeping you—the director—relevant.
And speaking of relevancy, we’re excited to share our brand-new 2016 NACD Global Board Leaders’ Summit website—your fresh, everything-you-need-to-know-about-Summit headquarters. Before you check out it out, however, don’t miss this 2016 Summit Trailer:
We’ll see you in September!
2016 NACD Global Board Leaders’ Summit | CONVERGENCE
September 17-20, 2016
Marriott Marquis | Washington, DC
Each year I find myself declaring that the profession of directorship has become more challenging than it was in the previous year. I believe we’ve now reached the point where we should recognize this escalation as the status quo, not an annual anomaly. The Securities and Exchange Commission’s director qualification disclosure requirements, the advent of proxy access, and the increasingly public role of shareholder activists have contributed to a business environment in which directors’ qualifications and performance are continually scrutinized.
NACD’s mission is to help directors lead with confidence—and to foster stakeholders’ confidence in their directors’ ability to effectively serve their companies. I’d like to highlight three critical issues that we believe directors—of all company types—should focus on during the year ahead.
1. Director Awareness
The dramatic slowdown in China’s economy, plummeting oil prices, recent terrorist activities, and the rise of the digital economy have put a fine point on the need for directors to be aware of disruptors that may cause a drastic change in sea conditions for their organizations.
No one can be expected to anticipate every potential disruption. (Who could have seen Uber idling around the corner?) But foresight comes down to one deceptively simple practice: asking the right questions. Are board members exploring the possible impacts of a terrorist act on the company’s supply chain, investigating their organization’s vulnerability to a cyber attack, or considering new competitors that can bring products to market faster than ever before and with nominal investment? Throughout 2016 our NACD Directorship 2020 initiative will continue to focus on disruptive forces, putting a spotlight on the issues that may affect your companies in the years to come.
It goes without saying that activist investors have gotten our attention. A record-setting 355 activist campaigns were announced in 2015, including 33 against Fortune 500 companies. Last year was also a record year in terms of activist campaigns resulting in board seats—127 resulted in at least one board seat for the activist or the activist’s appointee. Our own annual survey of public-company directors found that 20 percent of respondents’ boards were approached by an activist investor in the past year. But nearlyhalf of respondents reported that they are unprepared for an activist challenge.
Activists aren’t practicing black magic; they are performing effective due diligence and smart analytics on their holdings. Boards need to think like activists and anticipate the issues these investors may raise. Do your company’s metrics fall outside industry norms? Does your board composition have any perceived weaknesses? Do you engage with management about the assumptions that undergird your company’s strategy? In 2016, NACD will continue to provide resources that can help your boards to anticipate—and respond to—emerging issues.
M&A activity reached record levels in 2015. Given this phenomenon, it’s more critical than ever that boards understand their role in M&A. We believe it boils down to readiness and oversight.
At any given time, directors may need to consider either the sale of their own company or the purchase of another company. The board must carefully weigh all opportunities to buy or sell as part of its routine corporate oversight. Be on the lookout for NACD’s new M&A Board Resource Center, which will be available later this quarter. The center will serve as a one-stop shop to help boards participate effectively in the evaluation of proposed M&A transactions.
NACD Cyber Summit
On a final note, I’d like to call your attention to the 2016 NACD Cyber Summit, which will be held on June 15 in Chicago. With Congress now considering passage of a bill that would require companies to publicly identify the “cybersecurity experts” on their boards, scrutiny of the board’s role in cybersecurity oversight has never been greater. This year’s Cyber Summit will equip directors and management with the tools they need to foster cyber resiliency and confidently oversee cyber-risk management.
If you would like to receive additional resources on the three issues mentioned above or more information about the Cyber Summit, I encourage you to contact your dedicated NACD Concierge. If you have not yet had a chance to meet the concierge assigned to you, give us a call at 202-775-0509, and we’ll connect you.
Thank you for being an NACD member. I wish you a successful year ahead.
Consumers in the digital marketplace rarely think twice about allowing companies access to their personal information, and the companies that are amassing this data are enjoying the unprecedented business opportunities that such access entails. This exchange of information does, however, come with substantial liability risks; that information can easily fall into the wrong hands. This feature of the e-commerce landscape is causing both consumers and companies to ask: Is privacy dead in the Information Age? To explore this question, NACD Directorship Editor in Chief Judy Warner sat down with former White House Chief Information Officer and founder of consulting company Fortalice Theresa Payton during a Monday evening session at the 2015 NACD Global Board Leaders’ Summit.
In short, privacy isn’t dead, but our concept of privacy is undergoing a transformation. Payton said that as business leaders and consumers, we need to have serious conversations about what the new—and correct—lines of privacy are. “We own some responsibilities as business leaders and government officials,” she said. “Data is hackable and breaches are inevitable. Don’t aid and abet hackers.”
It turns out that companies are inadvertently aiding and abetting hackers. First, some organizations fall victim to their own, outdated view of building cyber defenses: Set up as big a firewall as you can around the company’s data assets; install anti-malware and antivirus software—done. This is a losing defensive strategy; it fails to take into account the mechanics of how and why these major breaches continue to happen.
According to Payton, companies with poor data hygiene are the most susceptible to cyberattacks. When companies kept analog files, they would shred records when storage space was exhausted or when data reached a certain age. In a digital environment, storage space is cheap and seemingly limitless, meaning that data could—and probably will—live on servers for years. As time goes on and a company reorganizes, data is forgotten, creating prime points of entry for hackers. Adopting a data-“shredding” strategy is imperative.
In addition, the tools needed to hack into a system have become both affordable and readily available. Now anyone can be a hacker—and those who have chosen this path grow more adept at their craft every day. Taken altogether, this is a recipe for potential disaster.
Payton outlined best practices for maintaining optimal data hygiene:
Don’t keep all of your data in one place. For data you need to retain, “segment it to save it.” In other words, divide that information among multiple digital locations so that if one location is compromised, a hacker hasn’t gained access to the entirety of the data the company holds.
Create rules around when you no longer need data and set a schedule for “shredding” it.
“Shred” any data that you don’t need. Keep only data related to the attributes of consumer behaviors and get rid of the specifics (e.g., names and social security numbers). Doing so will reduce your risk of being held accountable when a breach happens.
Furthermore, she stressed that directors should be sure to ask certain questions as they work with management to hone the company’s cybersecurity strategies:
Have we identified our top critical assets—those that if held for ransom, lost, or divulged, would destroy us as a company?
Who has access to those assets? How do we grant access?
Have we drilled for a cyber breach disaster?
Do we have a liability plan that will cover the board should critical assets be breached?