Three Veteran Board Members Share Their Tech Journeys, Advice
There’s a building drumbeat to get technology expertise on company boards, and that even includes legislation to push the issue in boardrooms. While the answer is often to bring in younger, geekier directors, the best candidate may already be sitting at the boardroom table.
Existing directors, even those past retirement age, are starting to look in the mirror and say, “I can be a high-tech director.”
With technology invading almost every part of business, from computers to e-commerce, it makes sense for all directors to have a level of tech knowledge in order to do their jobs well. It’s imperative for everything from making sure company systems and customer information are protected to spotting the next disruptive technology that could impact business.
“We have to raise the existing board members’ digital competency,” says Bob Zukis, a technology consultant, a senior fellow with The Conference Board Governance Center, and an adjunct professor of Management and Organization for the Marshall School of Business at the University of Southern California. “It demands regular board attention from a risk standpoint, but more importantly, from the strategic opportunity standpoint — how technology creates and captures value.”
Many board members are starting to take these words to heart.
Directors & Boards spoke to three board members about their paths to high-tech literacy, what they see as a director’s role and advice to get your geek on:
Director, Spar Group, Saulsbury Industries, Interra International LLC. Managing partner, Crestlight Ventures & Productions; CEO, Shelty-Viking Capital Group LLC.
When McCarthey was a senior executive at The Coca-Cola Company and part of the strategic planning group, he had to confront the tech world while mapping growth and investments a few years out. The team had to figure out how to utilize and grow the company’s digital infrastructure.
Figuring out how technology applied to everything from the supply chain to marketing was a “painstaking process,” says McCarthey, who was with the soda giant from 1981 to 2011.
He came up with a formula to simplify the process that has served him well to this day.
“Any business, I don’t care what it is, is defined by its business model; that’s a combination of the company’s capabilities, the markets it services, the value proposition, its operating culture, its leadership culture, etc.” he explains.
With all that in mind, he creates a tech map, or matrix, including columns that look at what the technology does, who uses it, why, and who manages it. Then there are three big buckets — general infrastructure, internal utility and external utility — and in each of those define your current or preferred digital assets.
This requires teamwork with subject matter experts, with the CIO or external partners; and it requires keeping up to date on the latest technology.
For example, take the role of cloud computing and infrastructure. “Recalibrate yourself on what it does, who uses it, who manages it, what are vulnerabilities and opportunities. And you literally fill this matrix out and it becomes an incredibly good learning tool for the board and consultation with management so you have a common visual map,” McCarthey says. “That’s come in handy for me, especially when it comes to enterprise risk management. You have to understand what the map looks like.”
The key, he continues, is “identifying your tech landscape and all the digital assets that make it up.”
McCarthey acknowledges that technology is moving so fast today a board member can quickly become overwhelmed.
But, he stresses, as a board director of any company, you’ve got to refocus your learning on what he calls five fundamentals:
• What business is your company in and what should it be in?
• How should you add value to your business customers?
• Who are your target customers and who are their customers?
• How do you make those customers more successful in what ever they’re doing?
• What capabilities should differentiate your ability to have a competitive advantage in serving those customers?
“I use those foundational questions, to build that visual technology map,” he says, adding, “It makes it relevant as opposed to ethereal.”
Board members must also identify subject matter experts to help, just as they would lean on an accounting firm to be the experts on GAAP accounting rules, for example.
There are experts out there who can address a host of tech topics. “You have to do your homework through referrals, or consulting houses, and you use those experts to help you answer questions.” Once a year, he adds, the board and management should be doing heavy situational analysis on strengths, weaknesses, opportunities and threats.
Director, PNC Funds & PNC Advantage Funds, National Association of Corporate Directors-Carolinas Chapter, The Committee of 200, Duke University Libraries. President, Turnberry Advisory Group.
Bruce made it her personal objective to become a high-tech director.
“You can’t live in this world without realizing how cybersecurity and risk has become a big deal,” she says, adding that there are a million cyber threats, ransomware and others, impacting firms on a day-to-day basis. “As a director, I thought it was incumbent on me to understand the jargon.” (Ransomware is software that can block access to a company’s own data until a ransom is paid to the perpetrator, for instance.)
With the majority of directors over 50, she admits, “We are not as technologically savvy as our children are but it’s important [tech is] addressed in the boardroom.”
To get up to speed, Bruce attended numerous conferences and webinars, including ones focused on cybersecurity. She also recently took a National Association of Corporate Director’s (NACD) online course.
Such courses, she admits, aren’t a cakewalk, especially for novices. “They said it would take 40 hours, or less, but it took more than double because when I watch something, I like to take notes, refer back. It took me longer than most to go through the program, but I felt I had a better understanding and wouldn’t be afraid when [the IT staff] used jargon.”
The course gave her the confidence to ask questions, and also to say, “dumb it down,” when she thought tech folks were throwing too much jargon at her. And she feels she’s learned enough to be able to make sure “management’s doing what needs to be done to protect the firm.”
Case in point, she recently was able to discuss the steps a company’s management was taking to address phishing. Some scammers target directors at companies looking to get dirt on C-suite executives. (Phishing is the practice of sending emails claiming to be from legitimate companies in an effort to get users to divulge passwords or credit card numbers.)
“I felt like I knew enough to be dangerous,” she quips about her self-imposed education.
She also was empower to ask the management team to add cyber issues to the board meeting agenda more frequently. In the past, the topic was handled at an off-site meeting once a year. “Cyber has to be part of the DNA of the company, part of all strategic decisions. It’s not an IT issue, it a risk-management issue,” she stresses.
Cyber risk and technology shouldn’t be relegated to a committee, she advises, because it can impact so many different parts of a company — strategic, risk, etc. It needs to be discussed at the entire board level. “It is unique and still relatively new,” she continues. “Maybe 10 years down the road we can put it in a separate committee because everyone’s come up to speed.”
Bruce understands decisions by some companies to tap board members who have a strong IT background, but she cautions against focusing just on tech expertise.
In addition to tech knowledge, she notes, directors need “wisdom, knowledge and experience across a lot of functions. Then they’d be a great addition to the boardroom.”
For board members looking to learn more about tech, but who may not want take a class or attend a conference, she suggests free resources such as tech magazines and papers from consulting companies they trust, in particular materials directed at board members. “You don’t want to become a geek and a nerd, you just want to learn enough to ask the right questions.”
Director, State Farm Insurance, MAM Software Group. Chairman & CEO at National Leadership Institute, Inc.
“I’m a bit of a technology fanatic,” says Czarnecki, who gets accused by his fellow board members of being a geek. And it’s no wonder, since his experience with technology goes back to his early career in bank operations in the ‘80s.
But, he adds, technology is dramatically different today.
“The digital revolution, in conjunction with the internet, expanded and exploded the business model opportunities and threats depending on where you sit,” he explains. Many older board members today grew up in an internet system that was closed to external interlopers, but now the whole “threat landscape” has changed.
Directors who are insecure in their tech knowledge, he says, allow that insecurity to scare them off. Having his level of experience is helpful, he says, but “you don’t have to be a techie to be an effective director when it comes to deployment of technology, whether systems or cybersecurity threats. Board members have one primary tool available to them to do their job. It’s the tool of inquiry.”
He was involved in beta-tested the NACD’s cybersecurity course for the association and participated as a faculty member before receiving the program’s first certification.
“The board’s got to be involved. You can’t relegate this to one person on the board,” he stresses. “You don’t have to be a technologist to know if you’ve had a breach, there’s a whole flock of things the board and management need to focus on. You’ve got to know how they got in, how to protect it, and what to do if there’s a ransomware on us. That’s governance stuff; this is a board-level set of issues.”
Companies lost their way, he continues, “because they didn’t see disruptive threats coming. You didn’t have to be a technologist to say, ‘You know that Amazon model? What they’re doing is interesting.’”
He offers three tips to get directors on the high-tech path:
• “Read, for goodness’ sake. Read things about the business you’re involved in, and read things that have nothing to do with your business. I have a Google alert on probably 50 topics, most of which aren’t directly related to the board I sit on. I get information on stuff that has nothing to do with any specific things, but helps me to keep my mind growing with what’s happening in the world.
• “Second, stop playing golf with another 75-year-old and start playing with a 35-year-old. Do things with people who are younger. I have a granddaughter who’s a 17-year-old STEM (science, technology, engineering and math) genius. We text each other and Snapchat each other. I can’t get to my granddaughter any other way. I’ve also had a Facebook page for a long time. I know that if companies don’t pay attention to the social media world, and are not engaging in conversations, they are shooting themselves in the foot.
• “My third tip is really decide you want to do this, decide you want to stay current. If I’m going to be a director I’m going to be a contributing director, I’m not going to coast. I have to be aware of what’s going on around me.”