Each year I find myself declaring that the profession of directorship has become more challenging than it was in the previous year. I believe we’ve now reached the point where we should recognize this escalation as the status quo, not an annual anomaly. The Securities and Exchange Commission’s director qualification disclosure requirements, the advent of proxy access, and the increasingly public role of shareholder activists have contributed to a business environment in which directors’ qualifications and performance are continually scrutinized.
NACD’s mission is to help directors lead with confidence—and to foster stakeholders’ confidence in their directors’ ability to effectively serve their companies. I’d like to highlight three critical issues that we believe directors—of all company types—should focus on during the year ahead.
1. Director Awareness
The dramatic slowdown in China’s economy, plummeting oil prices, recent terrorist activities, and the rise of the digital economy have put a fine point on the need for directors to be aware of disruptors that may cause a drastic change in sea conditions for their organizations.
No one can be expected to anticipate every potential disruption. (Who could have seen Uber idling around the corner?) But foresight comes down to one deceptively simple practice: asking the right questions. Are board members exploring the possible impacts of a terrorist act on the company’s supply chain, investigating their organization’s vulnerability to a cyber attack, or considering new competitors that can bring products to market faster than ever before and with nominal investment? Throughout 2016 our NACD Directorship 2020 initiative will continue to focus on disruptive forces, putting a spotlight on the issues that may affect your companies in the years to come.
It goes without saying that activist investors have gotten our attention. A record-setting 355 activist campaigns were announced in 2015, including 33 against Fortune 500 companies. Last year was also a record year in terms of activist campaigns resulting in board seats—127 resulted in at least one board seat for the activist or the activist’s appointee. Our own annual survey of public-company directors found that 20 percent of respondents’ boards were approached by an activist investor in the past year. But nearlyhalf of respondents reported that they are unprepared for an activist challenge.
Activists aren’t practicing black magic; they are performing effective due diligence and smart analytics on their holdings. Boards need to think like activists and anticipate the issues these investors may raise. Do your company’s metrics fall outside industry norms? Does your board composition have any perceived weaknesses? Do you engage with management about the assumptions that undergird your company’s strategy? In 2016, NACD will continue to provide resources that can help your boards to anticipate—and respond to—emerging issues.
M&A activity reached record levels in 2015. Given this phenomenon, it’s more critical than ever that boards understand their role in M&A. We believe it boils down to readiness and oversight.
At any given time, directors may need to consider either the sale of their own company or the purchase of another company. The board must carefully weigh all opportunities to buy or sell as part of its routine corporate oversight. Be on the lookout for NACD’s new M&A Board Resource Center, which will be available later this quarter. The center will serve as a one-stop shop to help boards participate effectively in the evaluation of proposed M&A transactions.
NACD Cyber Summit
On a final note, I’d like to call your attention to the 2016 NACD Cyber Summit, which will be held on June 15 in Chicago. With Congress now considering passage of a bill that would require companies to publicly identify the “cybersecurity experts” on their boards, scrutiny of the board’s role in cybersecurity oversight has never been greater. This year’s Cyber Summit will equip directors and management with the tools they need to foster cyber resiliency and confidently oversee cyber-risk management.
If you would like to receive additional resources on the three issues mentioned above or more information about the Cyber Summit, I encourage you to contact your dedicated NACD Concierge. If you have not yet had a chance to meet the concierge assigned to you, give us a call at 202-775-0509, and we’ll connect you.
Thank you for being an NACD member. I wish you a successful year ahead.
Consumers in the digital marketplace rarely think twice about allowing companies access to their personal information, and the companies that are amassing this data are enjoying the unprecedented business opportunities that such access entails. This exchange of information does, however, come with substantial liability risks; that information can easily fall into the wrong hands. This feature of the e-commerce landscape is causing both consumers and companies to ask: Is privacy dead in the Information Age? To explore this question, NACD Directorship Editor in Chief Judy Warner sat down with former White House Chief Information Officer and founder of consulting company Fortalice Theresa Payton during a Monday evening session at the 2015 NACD Global Board Leaders’ Summit.
In short, privacy isn’t dead, but our concept of privacy is undergoing a transformation. Payton said that as business leaders and consumers, we need to have serious conversations about what the new—and correct—lines of privacy are. “We own some responsibilities as business leaders and government officials,” she said. “Data is hackable and breaches are inevitable. Don’t aid and abet hackers.”
It turns out that companies are inadvertently aiding and abetting hackers. First, some organizations fall victim to their own, outdated view of building cyber defenses: Set up as big a firewall as you can around the company’s data assets; install anti-malware and antivirus software—done. This is a losing defensive strategy; it fails to take into account the mechanics of how and why these major breaches continue to happen.
According to Payton, companies with poor data hygiene are the most susceptible to cyberattacks. When companies kept analog files, they would shred records when storage space was exhausted or when data reached a certain age. In a digital environment, storage space is cheap and seemingly limitless, meaning that data could—and probably will—live on servers for years. As time goes on and a company reorganizes, data is forgotten, creating prime points of entry for hackers. Adopting a data-“shredding” strategy is imperative.
In addition, the tools needed to hack into a system have become both affordable and readily available. Now anyone can be a hacker—and those who have chosen this path grow more adept at their craft every day. Taken altogether, this is a recipe for potential disaster.
Payton outlined best practices for maintaining optimal data hygiene:
Don’t keep all of your data in one place. For data you need to retain, “segment it to save it.” In other words, divide that information among multiple digital locations so that if one location is compromised, a hacker hasn’t gained access to the entirety of the data the company holds.
Create rules around when you no longer need data and set a schedule for “shredding” it.
“Shred” any data that you don’t need. Keep only data related to the attributes of consumer behaviors and get rid of the specifics (e.g., names and social security numbers). Doing so will reduce your risk of being held accountable when a breach happens.
Furthermore, she stressed that directors should be sure to ask certain questions as they work with management to hone the company’s cybersecurity strategies:
Have we identified our top critical assets—those that if held for ransom, lost, or divulged, would destroy us as a company?
Who has access to those assets? How do we grant access?
Have we drilled for a cyber breach disaster?
Do we have a liability plan that will cover the board should critical assets be breached?
The 2015 NACD Global Board Leaders’ Summit officially opened Sunday evening with the bang of drums and the bagpipes of the St. Andrew’s Society of Washington, D.C., a local Scottish heritage association. Their performance was followed by an interactive video experience that challenged the audience to question the borders of the screen. Each of these sensory experiences underlined the theme of the year, Beyond Borders: Leadership Evolved. The opening night keynote speakers–NACD Chair Dr. Reatha Clark King, and philosopher and author, Kwame Anthony Appiah–explored how directors should weather the evolution of the boardroom.
King is a fan of challenges. A seasoned director herself who values the good businesses can do in the world, King centered her message on all the work that boards have done to better the world around us—and the work left to do. “We have been successfully adjusting the trajectory of governance systems and have made improvements, but we still have much to do,” said King. “The board’s agenda gets longer. We offer no encouragement that the agenda will get shorter. Instead we prepare ourselves for the greater demand.”
One of the demands King identified was the need for directors to hold fervently to core beliefs. One among the many she cited was accountability: “I am a student of the word ‘accountability,’ and it looms large in my mind for directors to understand and embrace it.” King asked the audience to also embrace leadership in challenging times in spite of the many chances to falter. Among the recommended ways to lead with strength through governance challenges were the concepts of embracing broader perspectives, finding the courage to do what’s right, and to be brave enough to change if needed.
King’s suggestions for leadership to the audience of more than 1,200 were strengthened by Kwame Anthony Appiah’s discussion on honor. Appiah is author of The Honor Code, a best-selling book that examines four points in history where honor outweighed other forces to catalyze social change for the greater good. Appiah distilled his observations on honor into applications for the boardroom and professional practice as a whole.
At the core of his message was that honor will trump money, regulation, and even the coercion of law to guide a person’s moral compass and that only honor holds up in the face of the greatest ethical challenges that inevitably arise.