Digital Directors and High Tech Boards

The pressure is rising and a necessity is mounting, for company boards to increase their digital competencies.

Often the answer is to bring in a younger, modernistic, high tech Director who speaks fluent AI, but we are now seeing existing Directors, even those past retirement age, embrace the digital era and rising to the challenge to become a ‘high-tech Director’ themselves.

Get your Geek On!

Online functions and technological infrastructure now occupies every touch point within an organisation, in some form, and so the company board therefore has a duty of care to ensure that the associated risks, along with the strategic opportunities, regularly appear on the Agenda.

There can be little gain in simply ‘passing the buck’ to a younger high-tech Director.

We know that current technology has the capability to do great things, but it can destruct and destroy, just as easily as it can create and generate, and therefore it makes sense for all directors at the boardroom table to have a level of tech knowledge in order for them to do their jobs well.

To steer a company to success in 2018 directors should:

• Not ignore social media
• Ensure the CEO has sufficient enough digital competencies to lead the organisation
• Keep an eye on the ethics of AI – balance algorithms, business and humanity

In a recent article, published by Directors & Boards, three board members were interviewed about their paths to high-tech literacy. The below interview in particular, with Maryann Bruce, shines light on how directors are dealing with this ever growing challenge:

Maryann Bruce Director, PNC Funds & PNC Advantage Funds, National Association of Corporate Directors-Carolinas Chapter, The Committee of 200, Duke University Libraries. President, Turnberry Advisory Group.

Bruce made it her personal objective to become a high-tech director.

“You can’t live in this world without realizing how cybersecurity and risk has become a big deal,” she says, adding that there are a million cyber threats, ransomware and others, impacting firms on a day-to-day basis. “As a director, I thought it was incumbent on me to understand the jargon.” (Ransomware is software that can block access to a company’s own data until a ransom is paid to the perpetrator, for instance.)

With the majority of directors over 50, she admits, “We are not as technologically savvy as our children are but it’s important [tech is] addressed in the boardroom.”

To get up to speed, Bruce attended numerous conferences and webinars, including ones focused on cybersecurity. She also recently took a National Association of Corporate Director’s (NACD) online course.

Such courses, she admits, aren’t a cakewalk, especially for novices. “They said it would take 40 hours, or less, but it took more than double because when I watch something, I like to take notes, refer back. It took me longer than most to go through the program, but I felt I had a better understanding and wouldn’t be afraid when [the IT staff] used jargon.”

The course gave her the confidence to ask questions, and also to say, “dumb it down,” when she thought tech folks were throwing too much jargon at her. And she feels she’s learned enough to be able to make sure “management’s doing what needs to be done to protect the firm.”

Case in point, she recently was able to discuss the steps a company’s management was taking to address phishing. Some scammers target directors at companies looking to get dirt on C-suite executives.  (Phishing is the practice of sending emails claiming to be from legitimate companies in an effort to get users to divulge passwords or credit card numbers.)

“I felt like I knew enough to be dangerous,” she quips about her self-imposed education.

She also was empowered to ask the management team to add cyber issues to the board meeting agenda more frequently. In the past, the topic was handled at an off-site meeting once a year. “Cyber has to be part of the DNA of the company, part of all strategic decisions. It’s not an IT issue, it a risk-management issue,” she stresses.

Cyber risk and technology shouldn’t be relegated to a committee, she advises, because it can impact so many different parts of a company — strategic, risk, etc. It needs to be discussed at the entire board level. “It is unique and still relatively new,” she continues. “Maybe 10 years down the road we can put it in a separate committee because everyone’s come up to speed.”

Bruce understands decisions by some companies to tap board members who have a strong IT background, but she cautions against focusing just on tech expertise.

In addition to tech knowledge, she notes, directors need “wisdom, knowledge and experience across a lot of functions. Then they’d be a great addition to the boardroom.”

For board members looking to learn more about tech, but who may not want take a class or attend a conference, she suggests free resources such as tech magazines and papers from consulting companies they trust, in particular materials directed at board members. “You don’t want to become a geek and a nerd, you just want to learn enough to ask the right questions.”