Read this great article in the Harvard Business Review arguing that Boards of Directors need to have people who understand technology, and not just for technology companies.
Jean-Louis Bravard’s argument is geared toward financial companies and cybersecurity, but the same argument applies to any situation where technology is strategic to the ups and downs of the business, which, really, is most companies of a certain size nowadays.
Here are his proposals:
- Hire a techie to your board. That is probably the most difficult task and it is very industry dependent but my recommendation would be to give priority to individuals with scars, with both successes and failures and who continue to be involved with technology. Technology moves too fast for “stale” talent, however well-regarded. In consumer industries I would give a huge premium to articulate young entrepreneurs who can rapidly educate the board. Be prepared to rotate this role at least every two years.
- Don’t rely entirely on advisers. Many boards rely on technical advisers and consultants to assess their firm’s technology needs. Too often the corporate advice these advisers offer is generic. It’s often focused on the competitive environment — used to reassure management that it is not falling behind rivals. This leads to the predominance of the lowest common denominator.
- Ask tough questions about technology spending. Using Moore’s Law, zero-based budgeting would call for technology spending to fall each year by about 30%; in most companies spending goes up by at least 5% each year. Part of the reason is that CIOs are not rewarded for taking out old code and old hardware; instead they “layer” old technology on top of ancient technology, bad on top of worse — which of course leaves their company vulnerable to new entrants that do not have any obsolete inheritances to deal with.
- Understand the cyber threat. Unfortunately, new technology opens up vulnerabilities even as it creates value. Total security is not possible, but understanding the risk-benefit trade-off is essential. A recent survey by the Ponemon Institute, sponsored by Raytheon, found that 80% of boards do not even receive briefings on their company’s cyber security strategy. That number should be zero — and briefings should happen periodically to remain up to date.
This is an idea whose time is coming…