Found at /www.strategy-business.com
Author: Paula Loop
It is the end of a long day of board meetings, and the company’s chief information officer is making a presentation, at the board’s request, about the major technological investments the company is considering.
Halfway through the deck, the CIO mentions ransomware, then says, “Criminals are raking in hundreds of millions through these scams…”
A board member stops him. “That’s the first I’ve heard of this term. Are they actually holding people against their will in our IT department? Are they taking the general ledger hostage? How serious a threat is this?”
“It’s not that kind of ransom,” says the CIO. “But it’s pretty serious. An intruder gains access through a phishing scheme, uses someone’s password to breach the firewall, locks up the operating system so legitimate users can’t gain access, and then demands payment to remove the malware.”The board member doesn’t quite follow the jargon, but lets the CIO move on to the next topic: the company’s plan to mitigate this risk, in part by tracking the online behavior of all visitors to the company’s cloud-based sites.
Much of that discussion is lost on the board members as well.
They already knew something about ransomware just from their general news reading, but this is the first time they’ve heard an introduction to its ramifications for their company. And cybercrime is only one of the technological issues facing them. Artificial intelligence, the Internet of Things, drones, 3D printing, predictive analytics, and driverless cars are also on the horizon, poised to dramatically affect the way this company competes and creates value.
The board can’t judge the ramifications effectively unless its members are kept up to date, and they haven’t set that time aside.
Today’s rapidly changing technology environment often has boards scrambling to keep up. For example, most of the respondents to PwC’s 2016 global survey of CEOs said that the most direct path to meeting customers’ changing demands is investing in data and analytics — a new area of inquiry for many board members. By necessity, boards are more engaged with technology and digital transformation than ever before, and the directors are still scrambling to catch up. According to Spencer Stuart’s annual board index, the average age of a director at a public company is 63, and the majority of public company directors aren’t sitting executives who work through technological advancements in their day jobs.
Given the pace of technological change, how can boards really be on top of their game unless they are continually brought up to speed?
This situation is no surprise to directors. Only 71 percent of those polled in PwC’s 2015 annual survey of corporate directors say their company’s IT strategy and risk mitigation approach is supported by an adequate understanding of IT at the board level.
What’s the solution?
Should we, as writers Chunka Mui, Toby Redshaw, and Olof Pripp suggest, add sitting directors with technological knowledge as their primary credential? Or should we push companies to prioritize IT awareness and devote elements of board meetings to IT education?
The best answer lies in doing both things at once: recruiting more technical expertise onto the board while improving the quality of technology-oriented conversations in general.
My point of view: Board should have a profound understanding of technology (and that includes knowledge of digital and its foundation ICT)