Leaders need to use technology to navigate emerging risks and opportunities successfully.
Corporate governance has always been a challenge, but there has never been a time when serving on a board has been more demanding than right now. Board oversight is charged with more risk than ever before, with directors having to confront increasing and complex pressures from internal and external stakeholders in the midst of geopolitical, economic, health, social and climate crises. Regardless of complexity, directors are expected to respond instantly to any crisis that may arise. Directors and senior leaders are judged on the speed and appropriateness of their responses, and on their ability to predict accurately what is going to happen in unprecedented circumstances. Frequently, the crises that directors are facing are rooted in technology. Sometimes technology is a direct cause and in other cases social media and the speed of digital communication acts as an accelerant to a pre-existing crisis.
Directors are certainly feeling these pressures. According to Diligent Institute research, directors cite that the issues they are expected to oversee are expanding too rapidly for them to keep up, and that the job is growing more complex with no signs of slowing down.
We are in the midst of a governance evolution – including updating the norms, standards and practices in boardrooms and beyond. Modern governance involves ensuring a diverse group of leaders is at the table and these leaders must have the right tools, processes and insights to enable them to ask the right questions at the right time to arrive at the right decisions. In order to succeed in a challenging environment built on a foundation of digital technology, directors and executives must be technology-enabled to make the rapid-fire, accurate decisions their jobs now demand.
How directors are thinking about cyber
In the January 2022 annual edition of What Directors Think, a report of the findings from a survey of public company directors conducted in partnership with Corporate Board Member, we wanted to learn more about the main issues directors were facing in the year ahead. Cybersecurity was at the top of the list of issues the board had the most difficulty understanding and overseeing, up from third place just one year before; cybersecurity also topped the list of areas in which directors were concerned about facing a crisis, with three-quarters (75%) of respondents choosing this option.
Understanding technology – specifically when it came to cybersecurity – came in third place in the list of agenda items for the year, falling just below talent and M&A activity. Digital innovation came in third place in terms of the key strategy drivers for 2022 in a similar survey of public company directors also conducted by the Diligent Institute and Corporate Board Member – Director Confidence Index: November/December 2021.
Director education and resources
Despite these issues becoming more integral to company success, many directors still feel out of their depth when it comes to digital transformation, cybersecurity and data privacy. This is why it is essential to ensure that the board is properly educated in these topics before new digital transformations occur within the organisation. Many companies may decide to bring in third-party experts to inform the board on such developments, and some may even onboard one or two directors who are technology experts. Director education – through training programs or otherwise – ensures that the whole board is able to understand and make use of technology effectively in order to drive modern governance.
Particularly when it comes to cybersecurity, digital innovation and emerging technology, director education cannot be a one-time or tick-box activity. Instead, it should take place on a regular basis so that the board’s competency and fluency around these issues can evolve. Once the board is able to understand and oversee these issues, you can arm them with tailored, curated insights that they can read, watch or listen to as part of their self-study. This can help to ensure that the reports coming to the board from the executive team regarding digital technology, AI, cybersecurity and data privacy are fully understood, as discussed in the episode of our Corporate Director Podcast entitled Inside the Cyber Risk and Opportunity Landscape. These materials need to be aligned to how the board makes decisions – along the axes of risk, strategy, compliance and oversight.
Risk mitigation using modern governance
Today’s AI and data-fuelled analytics tools are approaching a bold new reality. Advanced technological tools apply deep-learning techniques to information sources ranging from published reports and articles to social media posts in order to spot trends and derive new insights – and they produce results that would be nearly impossible to replicate through any manual process. Yet even as these tools gain momentum and grow in sophistication, the human element remains essential – particularly when it comes to engaging with customers, shareholders and other stakeholders.
However, in our increasingly digital and global world, being able to communicate in-person with stakeholders may not be practical, especially since the COVID-19 pandemic revolutionised the way we work and do business. A digital dashboard can give board members a better reading of risk landscapes. Innovations in data collection and analytics have made an unprecedented amount of data available in real time to inform decision-making. The key with dashboards, and with governance overall, is to keep board members out of the weeds.
A successful dashboard approach is proactive, flexible, scalable and integrated. It should be possible to quickly synthesize, connect, curate, organise and customise insights based on the user. An audit chair, for example, should be able to use the dashboard to access different information from the compensation committee member. The nature of risk means leaders will not always know exactly when or how a specific incident will come to pass, or even what the incident may be. Successful planning is about building a technology and data-driven framework that takes a holistic approach to what may be coming and how the business can best be protected.
Board software should be needs-based to provide instant visibility of risk and compliance findings, monitoring of controls and other relevant insights. The technology also needs to be flexible and adaptable to evolve with both the company’s long-term strategy and current and future risk landscapes.
Questions for boards
- To what extent do the digital technology reports you receive include information on cybersecurity incidents and updates, AI and data privacy?
- What types of training, education or outside expertise are needed to raise levels of fluency and confidence in digital transformation and cyber risk?
- How has your organisation deployed technology tools designed to help the board stay abreast of the most critical areas of risk and opportunity? How successful have these been?
You can read more about the Diligent Institute research at www.diligentinstitute.com/ or listen to the podcast at www.diligent.com/insights/corporate-director-podcast/
Dottie Schindlinger, executive director, Diligent Institute