Five risk-related concerns boards and CEOs must manage in 2017
By Theodore L. Dysart and Katie Graham Shannon

In this brave new world the challenge for companies is enormous, the possibilities are nearly limitless, and the risk of being marginalized is high.


Boards and CEOs will have their hands full managing potential risks in the coming year. Some of those risks, like cybersecurity, are perennial issues that will increase in intensity and urgency. Others, like the fallout from a rapidly changing political landscape, are of more recent vintage. But all of them, say the directors we talk with, will require acute attention. Five of the most critical include the following:

Digital Disruption. In almost every industry, digital technologies will continue to upset business models, alter the terms of competition, compress strategy cycles, and set in motion unforeseeable developments. Consider, for example, the explosion of interconnected computing power now transforming industry. Through the cloud, the Internet of Things (IoT) connects billions of devices and machines that share information with other systems to make each device smarter and more capable. Meanwhile, artificial intelligence (AI) is rapidly changing the nature of work humans do — consider driverless vehicles or the fact that most legal discovery work today is done by computer algorithms.

Operating without emotion or ambition in networks, machines and algorithms can constitute efficient teams with or without people and work across product lines and P&Ls. These developments have profound implications for countries, workers, and companies. Japan, for instance, may be able to overcome the crippling effects of its low birth rate by using machines to compensate for the scarcity of young workers. In the U.S., up to 3 million truck-driving jobs may disappear.

In this brave new world the challenge for companies is enormous, the possibilities are nearly limitless, and the risk of being marginalized is high. Directors can begin to confront it by asking some high-level questions: How adaptable is the organization to address rapid technology-infused transformation? Will our organization’s culture be a help — or a hindrance? Do we have the new capabilities and the acumen in strategy, technology, marketing, and communications to be the digital disruptor instead of the disrupted? We may see a partial answer to those questions in the convergence of the CIO, CTO, and CDO roles to spur customer-centric digital transformation throughout the organization.

New Levels of Cyber Threat. In a speech at the U.S. Naval Academy last year, James Clapper, then the country’s director of national intelligence, said that the cyber threat had surpassed terrorism as the No. 1 threat facing the nation.

From individuals to criminal gangs to nation-states, bad actors are far ahead of most organizations’ defenses. And the scale of attacks continues to grow: Last fall an attack against an Internet infrastructure provider crashed a large portion of the U.S. Internet, including major sites like Airbnb, Facebook, Twitter, Spotify, PayPal, and Reddit. As the “digital IQ” of an enterprise grows, as with the Internet of Things, so do the opportunities for breaches. And as tensions mount between the U.S. and its adversaries in cyberspace (as in our most recent presidential election), companies in critically important industries could be swept up in geopolitical cyber conflicts.

For boards, the continuing escalation of cyber threats will mean more time for cybersecurity on the meeting agenda. For chief information security officers (CISOs), it means a role that is more important than ever, that expands to include both information and physical security, and that increasingly requires a full set of leadership skills, including the ability to incisively present cybersecurity issues to the board.

Boards and their CEOs may also consider whether they need a chief intelligence officer to lead both cyber response and intelligence from a threat intelligence center. The ideal candidate will have grown up in a government intelligence agency and then moved into the commercial world. Because such candidates are in short supply and difficult to attract, firms might be well advised to locate their intelligence center where the talent is — Boston, Washington, D.C., northern Virginia, Silicon Valley, Tel Aviv, and the like.

Political Fallout. Brexit in the U.K., the election of Donald Trump as president of the U.S., and the rise of nationalist parties in many parts of the world indicate a strong countercurrent to the past 40 years of globalization and increasing economic integration that have driven much corporate strategy.

Britain’s exit from the European Union (EU) could not only profoundly affect the nation’s financial services but also affect business globally. Once British Prime Minister Theresa May invokes Article 50 with the EU, the country will have only 24 months to negotiate its exit and strike bilateral deals with the 53 countries with which the EU has free trade agreements. The EU’s negotiating position will be driven by a desire to discourage other EU members from leaving. At least 10 EU members — Hungary, the Czech Republic, Slovakia, Greece, Cyprus, Spain, Bulgaria, Romania, Portugal and Austria — might insist on holding their own referendums. In the U.S., the new president has promised “fairer” trade deals, fewer regulations, massive corporate tax reduction, and repercussions for U.S.-based companies that move jobs abroad. Further, the country’s relationships with China and Russia appear to be in flux, introducing additional uncertainty.

These upheavals in the political world will require boards to marshal all of their collective global wisdom and international experience. They will need to look beyond the direct impact of these events to the ripple effects in their industry sectors. Their role as a strategic sounding board for management will become more important than ever as companies consider quickly pivoting to sidestep new risks, seize opportunities, and leverage resources and people to adapt to new political realities and operating environments.

Activism 2.0. Although many activist funds have underperformed the market recently, many directors tell us that they expect activist funds to remain a force to be reckoned with, noting that many of the largest funds have not yet deployed much of the capital raised over the past two years. Further, activism is increasing: 463 companies received public demands from activists in first six months of 2016 compared with 637 in all of 2014. In the U.S., activists demanded board seats at 157 companies in 2015, up from 120 in 2014. Eighty-one of those demands in 2015 were settled amicably, while 76 involved some degree of resistance from the companies, and proxy fights went to a vote at 23 companies in 2015 (versus 19 in 2014).

The good news is that while some activists continue to operate from the old “greenmail” playbook, many more are interested in constructive engagement aimed at unlocking shareholder value. Activists may approach a company with a thesis for growth or transformation and be prepared to invest their own capital if they find that the board will sincerely listen and act on smart guidance. Activists also increasingly are open to director candidates who are not directly affiliated with the activist fund but have the right background to advocate for the desired change.

The challenge for directors when confronted with an activist is to maintain their independence as they consider how to engage. As one long-time director says, “If during an encounter with an activist you are listening only to management, you are probably the least informed person in the room.”

Increased Accountability. Boards find themselves in the spotlight more than ever. Scandals and other governance disasters on their watch mean not just a black eye for the CEO but also for directors. Though litigation targeting individual directors is relatively rare, reputational risk is real and can be severe. Directors at a company in protracted crisis may be professionally tainted; they may become less likely to be chosen for boards in the future, and what they say and do may show up on the news.

Directors will also have their feet held to the fire over the issue of board diversity, as African-Americans, Asians, and especially Latinos continue to be under-represented. Women have made some gains in recent years — nearly 30% of new appointees to Fortune 500 boards in the past two years have been female. But women still hold only about 20% of the total number of seats. In the face of these figures and the need to periodically refresh boards, term limits and mandatory retirement ages will continue to be debated inside and outside boardrooms.

In this climate of increased accountability, directors will likely find themselves devoting more time to their duties — even at strongly performing companies. This will require that they fully exercise their oversight responsibilities without crossing the line into managing the business.

There is perhaps no touchpoint where directors can take more effective concrete action without meddling than in succession planning. Rather than address succession as needed and one role at a time, many boards have already begun to take a more comprehensive approach. They have conducted emergency CEO succession planning and periodically revisit it to make sure they are prepared. At the same time, they take a multi-year, fluid approach to foreseeable succession planning, combining executive development with external benchmarking. They keep a constant pulse on the external talent market versus internal in order to gauge the continually changing leadership needs of the organization, particularly in a disruptive environment. They keep multiple options available when it is difficult to anticipate changes or challenges that may arise. They seek more exposure to internal candidates below the CEO and CFO. And just as important, they treat board succession strategically, considering the company’s long-term direction against present and future board composition.

Be prepared
No one can predict precisely how the year will unfold. But it is safe to say that in 2017, as in past years, the bar for director performance will continue to rise, the issues within the board’s purview will continue to proliferate, and sudden shocks will vie with fundamental duties for attention. Boards that are prepared to address these risk-related concerns and the issues of talent and leadership they entail will greatly increase the chances of comfortably clearing that higher bar — and confidently meeting the challenges yet to emerge.

The authors can be contacted at and

Katie Graham Shannon is global practice managing partner of Heidrick & Struggles’ Information & Technology Officers Practice, based in Chicago.

2017 First Quarter

Other related articles

  • The Business Case for Clawbacks
    Published April 20, 2018
    By Kathryn Neel, Seymour Burchman, and Olivia VoorhisIn the world of corporate governance, a string of recent corporate scandals has highlighted the criticality of effective risk management and the po ...
  • The CEO Pay Seesaw
    Published April 20, 2018
    Balancing CEO comp satisfaction, pay ratio disclosure fallout, and intensifying scrutiny over big and inequitable paychecks.By Eve TahminciogluFew boards would appreciate the recent national headline ...
  • Directors must weigh risks involved with joining social-outrage campaigns
    Published April 20, 2018
    By April HallIn a political climate where public opinion can turn on a dime, boards of directors need to consider a new business risk – “social risk.” Case in point, Delta Air Lines. After disco ...
  • Have Guns Become Weapons of Value Destruction?
    Published April 20, 2018
    Large investment firms have leaders at gunmakers, retailers, etc., in their sights.By Jan Alexander“We share the nation’s grief over the in comprehensible and senseless loss of life at Parkland, F ...