10 Tips for Handling Difficult Conversations

We all have participated in difficult conversations whether in our personal lives or our business lives. Many of us have been on the receiving end and some have had the task to deliver a difficult message. No matter which side you are on, these types of conversations can be filled with anxiety and some fear. For the person delivering the message, it could create such negative anticipation that you fail to communicate effectively what you want the person to hear. On the other hand if you are the person receiving the message, angst and negative anticipation may lead to a failure to reflect realistically about you and your performance.

If you are in a management role and have to deliver negative feedback to someone who works for you, here are a couple of tips to consider before moving forward.

  1. Develop the outcomes you are trying to achieve before you begin the conversation. Focus on solutions.
  2. Document all performance related conversations and share them with your employee.
  3. Try to have a conversation rather than a scripted event.
  4. Ask the employee to verbally review his/her performance before you give your own observations. If the person is missing the mark, ask additional questions to get the individual to focus on behaviors and outcomes.
  5. Always focus on the employee’s behaviors and outcomes and never make any personal attacks. Don’t allege intent; have a conversation so you can understand the other person’s point of view.
  6. In general listen more and talk less. Ground rules could include each person repeating back what they heard before making their own comments. This encourages active listening.
  7. Be prepared with specific past performance issues should the employee forget to remember situations. Provide focus assistance if the person is straying from the appropriate subject matter.
  8. Remind the employee of expectations at the time of an assignment and the measurements for success along with the actual results. This could include previous conversations in which their performance was called into question and what the results were from those conversations.
  9. Be open minded yourself to another person’s observations and perspectives
  10. In most cases if you are giving constructive feedback on a regular basis, difficult conversations are simply a continuation of the process and will not and should not be a surprise to the employee.

Relationships matter and while you don’t need to be best friends with people who work for you, you should always treat them respectfully and do everything you can to help them succeed. Part of your responsibility being a manager means holding people accountable, which can in turn lead to difficult conversations. As a manager, work on being honest and considerate, while providing encouragement for the individual to improve.

Dan Portes
President/CEO
Management Resource Group, Ltd.

The post 10 Tips for Handling Difficult Conversations appeared first on CPIWorld.

Aiming High: Stephanie Drescher

Champions of business women have been honored each year since 2001 by the prominent civil rights organization Legal Momentum with its Aiming High Award. Stephanie Drescher, global head, business development and investor relationship management at Apollo Global Management, is one of three honorees this year.

Stephanie Drescher

The seventeenth annual Legal Momentum Aiming High Awards were presented at a luncheon on June 15 in New York City.

In addition to Drescher, this year’s award recipients are:

  • Brad S. Karp, chair, Paul, Weiss, Rifkind, Wharton & Garrison, and winner of the Man of Distinction honor
  • Lisa Garcia Quiroz, senior vice president, president of the Time Warner Foundation, and chief diversity officer of Time Warner

Economics and psychology might seem like an unlikely academic pairing for a Barnard College undergrad, but it was a natural combination for Stephanie Drescher—and one that helped inform her career. By applying the analytical aspects of economics with an understanding of what drives collaborative work environments, she developed a keen sense of how to achieve optimal results within complex organizations.

Drescher has since distinguished herself as one of the most successful women in the global private equity industry. After spending the first 10 years of her career at JPMorgan Chase & Co. in a variety of roles, including serving on the boards of the firm’s private equity and venture capital businesses, she joined Apollo Global Management in 2009, heading the firm’s business development and investor relationship operations.

Founded in 1990, Apollo currently has $197 billion in assets under management, and Drescher has played an influential role in building the firm into the financial powerhouse it is today. Drescher recently reflected on her career and role as a mentor in a telephone interview.

How did mentorship position you for success in the financial sector?

Early on in my career, I saw many examples of women who were in leadership positions, and they were great role models for me. That was certainly one element of being able to see a path forward. Equally as important were men who throughout my career have served as mentors and sponsors. These people came to know me quite well and were crucial in helping guide me as I developed professionally.

One key piece of advice I received early on: think of yourself as the CEO of your own career and have a board of directors you can reach out to for advice as you encounter new challenges. That framework is one that I often share with others as they set out in their careers.

How does Apollo cultivate a collaborative atmosphere?

The first thing that comes to mind is our investment committee. Everyone is invited to contribute. If you are the most recent addition to the investment team, or you’ve been there since day one, everyone sits around one—now very big—table to discuss the investments. It’s a very deliberate way to create an opportunity for everyone to learn from one another, and evaluate each opportunity from different perspectives.

I think it’s a testament to the strength of our firm that we’ve been able to maintain such a productive, collaborative atmosphere even amid our tremendous growth. When I joined, we had fewer than 100 people and managed around $15 billion. Roll forward to today, and we’re managing upwards of $200 billion with more than 1,000 people on staff. Our core culture remains the same, which enables us to deliver best-in-class performance to our global investor base.

In your experience, are investors pressing more on diversity and inclusion issues?

It’s certainly a topic of increasing interest and conversation with our institutional investors. They have many choices as to where they invest their capital, and ultimately, they want to work with firms that are focused on doing their part in terms of diversity and inclusion.

How is Apollo working to fortify talent pipelines internally and in its portfolio companies?

We are proud of a number of initiatives that we started at Apollo. In 2014, we launched our veteran’s initiative, which encourages Apollo and its portfolio companies to recruit, hire, and retain veterans and their spouses. That has been a great success.

We also recently launched the Apollo Women’s Empowerment initiative, which I co-chair with our global head of credit. We have spent a great amount of time developing a steering committee with a number of initiatives to allow for development of our women networking, and engagement with industry groups, external leaders, and the community.

How do you serve as a mentor to young women?

It starts with a commitment to engage with the wider community, which is very important for all of us at the firm. A specific area of interest for me has been my involvement with the Young Women’s Leadership Network. It’s a group of all-girls schools in underserved communities that prepare their students for college. I think it’s just another way of ensuring that as we rise in our own careers, we look to lift those around us by serving as mentors, sounding boards, and role models.

Paul S. Williams On Diversity and Making the Most of Summit

Paul S. Williams

Paul S. Williams is a partner in the Chicago office of Major, Lindsey & Africa, the nation’s leading executive legal search firm, and is a member of the board of directors for three public companies: Bob Evans Farms, Compass Minerals, and Essendant. He recently was named president of the NACD Chicago Chapter, and has served as the lead independent director of State Auto Financial Corp. The NACD team recently sat down with Williams to discuss his insights on board diversity and to ask him how to make the most of the 2017 Global Board Leaders’ Summit.

NACD: You are a fierce advocate for greater diversity in the boardroom. Could you tell us why diversity at the highest level of a company is so important?  

Williams: As a director, I feel a sense of obligation to make sure that I am helping to pave the way for diversity on boards. Unfortunately, there have not been many people of color that have served on public company boards. I think when you step back and think of the credibility of these boards—the credibility of corporate boards with the rest of the business world and the rest of society—it’s incumbent upon us to demonstrate that diversity within companies should start with the board.

When I say that I am a staunch advocate of diversity, I don’t want to limit it to ethnic diversity. I feel strongly about gender diversity, as well as diversity of ethnicity and sexual orientation. I truly believe these boards need to be diverse in all aspects.

Boards also need to be diverse experientially. Directors can’t all be people with similar backgrounds and ways of looking at critical business issues. It’s important that the discussions in our respective boardrooms include truly diverse views.

NACD: What kind of impact do you think a diverse board has on company culture?

Williams: I think it has a tremendous impact. When a management team sees a diverse board talking the talk and walking the walk, it sends a message that the board has taken to heart the importance of diversity. As a board, we don’t want to be hypocritical. Boards without diversity undermine the management team’s ability to bring about change.

A diverse board definitely impacts corporate culture in a number of ways, starting with the commitment to diversity within the company. There’s a sense of appreciation for people who bring different perspectives. It sets a tone of progressiveness and the mandate of being open to different ideas.

Diversity as a concept is somewhat intangible. Compared with financial results, it’s harder to measure. Yet I believe a company can’t have impressive financial results without an underlying culture that is productive and effective. 

How can directors learn more about the importance of diversity?  

Last year I attended NACD’s Global Board Leaders’ Summit. It was uplifting to be able to go to Summit and meet a number of other diverse directors. I knew that I would be assuming leadership of the NACD Chicago Chapter and thought it would be great to meet other chapter leaders. I had heard rave reviews about the programs and I wasn’t disappointed.

The sheer number of attendees at Summit is impressive. There is such a diversity of experience and expertise at Summit. It gave me an opportunity to meet people from around the country to network with and discuss the challenges boards are facing in terms of board diversity and other challenges.

What advice would give to someone attending Summit for the first time? 

Get out of your comfort zone and meet new people. It can be tempting for people who are more introverted to stay with the people they know. Sit at a table with folks you have never met, or who are from a different part of the country, or who sit on boards that are in different industries.

Have a game plan in advance, especially in terms of programs you plan to attend. It’s important to know which programs you want to focus on.

Most importantly, have fun! Really allow yourself to enjoy the things that come up in the spur of the moment, whether it’s talking to someone that you didn’t anticipate meeting, or going up to one of the speakers after a program and asking a follow-up question.

Click here to learn more about diversity-specific programming offered at the 2017 Global Board Leaders’ Summit.

Five Questions Boards Should Ask About Data Privacy

Paula Loop

How much of your personal data is out there, available for companies to slice and dice—and potentially for hackers to find? Your username and password information to your e-mail account? Your medical records? Your government identification numbers? What about all of the information in your connected devices?

Many companies are moving toward a digital business model, which is generating a massive amount of data about customers. With that proliferation of customer data also comes valuable opportunities for companies to analyze and act upon it. But the explosion of data is also creating a very big, mostly invisible window into people’s private lives that may leave them very vulnerable to identity theft and other crimes.

Jay Cline

New privacy laws and incidents of privacy violations, identity theft, and compromise of personal and sensitive information are compounding, which is pressuring companies to prioritize data privacy, security, and compliance. Failure to do so could mean damage to their brand and shareholder value—and even enforcement action by US federal agencies or class action lawsuits.

Data privacy is now a topic that boards need to stay on top of. Directors will want to regularly ask management questions about the company’s efforts to protect its customers’ personal information. Here are five questions boards can ask management about the topic.

1. What is our total dollar exposure to data privacy risk, exclusive of data security? Violating established privacy and data security practices can be costly. According to analysis of government data by PwC, in 2016, companies paid nearly $250 million in privacy and security related fines. It’s critical for the board meet with the right people to understand what steps the company is taking to protect its sensitive information. By meeting with the chief risk, information security, and privacy officers, the board can get a better picture of the state of privacy risk, including the dollar value of the worst possible data privacy risk event. The board also needs to determine if it is receiving the information it needs to oversee privacy risk. And if it’s not, the board needs to ask for and get it from management.

2. How effective is our data privacy strategy? Data is starting to change companies’ business strategies. Nearly two-thirds (64%) of CEOs believe that management of data will be a differentiating factor in the future. For some companies, it already is. The board should ask management to explain the company’s data privacy strategy and outline any goals around data collection and use. Is the data-driven business strategy to grow sales and revenue, improve customer experience, trust and relationships, differentiate the business, or get a competitive edge? Once the board understands that strategy, it can have discussions with management about whether the strategy is effective. The board will want to ask management for updates to that strategy and changes to any plans to achieve those data-related goals.

3. How ready is the company to provide evidence of compliance to privacy regulators? Companies that collect and use personal data need to pay close attention to privacy laws. The European Union’s General Data Protection Regulation (GDPR)—the world’s toughest privacy law—goes into effect in 2018, and the deadline for compliance is May of next year. It is notable that businesses that do not comply with GDPR face a potential fine of 4% of global revenues. Boards need to understand other laws and regulations around data privacy, too. They should ask management about what the company is doing to comply with data privacy laws. Is management ensuring the company stays on schedule to meet the law’s requirements and stays within budget for its compliance efforts? Boards should ask if the company has a data privacy compliance program, what the program entails, and how the company accounts for all the data the company collects, including where it’s housed. Boards need to be assured that management has the right processes and controls in place to mitigate any risk to that data.

4. Are the company’s plans for adopting new technologies and data analytics in sync with emerging global privacy regulations? Directors will want to look beyond compliance with current laws to the ethical issues that data use present. Just because a company collects data doesn’t mean it can—or should—use it, or allow third parties to access it. Data ethics standards are an emerging topic of practice, which means there aren’t always clear rules or laws outlining how companies can use personal customer data. Consider, for example, that some companies may use technologies such as artificial intelligence and machine learning to surveil for terrorist activity. There are few, if any, regulations around this type of implementation, which could leave these companies open to ethical scrutiny. Directors will want to discuss with management how to draw these ethical and privacy lines in the sand and how the company ensures they are not crossed. Boards will also want to ask how the company evaluates the privacy impact of new products or third-party partners.

5. Is the company’s privacy organization sufficiently resourced to enable its growth plan? Data privacy concerns may become bigger if the company grows. The more customers it attracts, the more data about them it may be collecting and analyzing. As the company’s data collection grows larger, the importance of having a data-use framework also grows. A good framework is one that outlines the collection of data, where and how it’s stored, how it’s protected, how it’s being used, any training on data privacy policies, and what the plan is if there is a breach. The board will want to meet with the chief information security and chief privacy officers to discuss the framework and ask how it’s being implemented, tracked, and enforced.

If the board regularly talks to management, asks questions, and gets answers and information, it will be in a good position to effectively oversee the company’s data privacy, protection, and compliance program.

Paula Loop is the leader of PwC’s Governance Insights Center and is a well-known speaker on a variety of governance topics. As a PwC partner and with more than 20 years of experience, Paula brings extensive knowledge in governance, technical accounting, and SEC and financial reporting matters to organizations.

Jay Cline is PwC’s Global Privacy Co-Lead. He has over 20 years of experience and is a nationally recognized thought leader in the privacy profession. He has deep knowledge of law, technology, and business, and specializes in all major privacy legislation and information security standards. In his work, Jay has helped private and public sector clients comply with data privacy and security regulations across nearly every sector. 

11 Ways to Find the Leader in Your Organization

When I ask search committees for competencies or qualities they feel are critical in their next hire I always hear people express the need for a good leader. The problem for me is identifying what leadership means as a group so when my client starts selecting a candidate everyone is on the same sheet of music.

“I know it when I see it.”

“Leaders are the people who others want to follow.”

These are a couple of simple explanations I get but trying to figure it out from the interview can be a confusing assignment.

There has been an incredible amount of research related to leadership and well-documented historical work that looks at past behavior, tying an individual’s leadership capabilities to their success. There is no way in this article that I can completely explain “leadership” as a competency in the hiring process but I thought I’d share a few thoughts for your consideration:

  1. Leaders come in all kinds of shapes and sizes as well as styles. Some are vocal and have big performative needs and others enjoy remaining in the background pulling the right strings at the right time. Bottom line – don’t be fooled by initial impressions…dig deeper.
  2. It’s always difficult to predict the future but you may find answers you are seeking if you look at the past to see if someone has been a leader before or desires to be in a leadership role. The number one indicator of future success is still past performance.
  3. Every company has particular needs depending upon where the company is in their evolution. Look closely at where your company is today and where your plans are taking you. Decide which leadership qualities are most important. Also, look closely at your candidates to see which leadership qualities the candidates used in past roles based on where the company’s needs at the time.
  4. People often confuse management capabilities with leadership competencies. A leader typically employs an approach that encompasses the short-term and the long-term view to identify the most important outcomes the company must achieve. A good manager on the other hand puts the people, processes and accountabilities in place to accomplish the outcomes a leader wants to achieve.
  5. If I had to pick one competency that separates good managers from leaders it is visioning. Leaders must have the ability to identify the long-term strategic goals as well complemented by the ability to solve difficult problems through careful and systematic evaluation of the information, possible alternatives and consequences.
  6. Leaders need to know when to delegate and when a decision is theirs to make. When a leader delegates, choosing the appropriate people to carry out the goal is imperative. The leader must push as much responsibility and authority down in the organization as possible but never forget about holding people accountable.
  7. In today’s world, everything is changing so quickly that a leader must be able to take action to support and implement change to keep up with the pace.
  8. Once there is communication to everyone in the company on the direction the company is going, the leader must be the driver for results, changing and pushing the organization and themselves to excel and achieve.
  9. Leaders need to be more than just politically aware, they have to have organizational savvy, recognizing and understanding organizational politics and working within organizational dynamics to accomplish objectives.
  10. Some people would say nothing else matters if the person on top cannot be trusted and I would agree. It is imperative that the leader has integrity and upholds a high standard of fairness and ethics in everyday words and actions.
  11. A leader can be shy but must still have the ability to make effective presentations and be able to communicate in writing. A well-told story goes a long way in convincing people to get on board.

Leaders are special people who must have the courage of their convictions and yet are flexible, adaptable and open to alternative solutions when interacting with others. Leaders need to have the ability to understand the attitudes, needs, interests and perspectives of others and balance those perspectives with their own experience, education and knowledge.

Dan Portes
President/CEO

Management Resource Group, Ltd.

MRGPeople.com

 

The post 11 Ways to Find the Leader in Your Organization appeared first on CPIWorld.

How to Serve on a Board or Commission

If you have ever wanted to land a leadership role in anything from overseeing state regulations to serving on a corporate board — a meeting Tuesday was all about the practical advice to get you there.

Two of the top women involved in appointing or promoting people for boards and commissions spoke to a group called “She Shares,” a powerful group of women focused on leadership and mentorships.

For corporate board positions, Diane Miller points out that women make up just 16 percent of the top 3,000 corporate boards, but they are at least half of the consumers in the country — so their viewpoints are important.

Get the full story at http://kcra.com/article/how-to-serve-on-a-board-or-commission-1497401682/10020110.

©2017, Hearst Television Inc. on behalf of KCRA-TV

At the Ready: Risk Lessons Learned from a Cybercrime

My introduction to cybercrime came seven years ago as a bolt from the blue. I Googled myself and found that four of the top five search results showed I was on the Federal Bureau of Investigation’s (FBI) Top Ten Most Wanted List.

The attack came as a bolt from the blue.

After checking outside my front door to make sure no FBI agents were lining up to arrest me, I researched what had happened. I was the victim of an Internet stalker—a previous business associate looking to mar reputations of people this person had had no contact with for nearly two decades.

This experience personally taught me the harm that could be done through the Internet and the unique nature of the risks involved, and sparked my commitment to practicing sound cyber-risk oversight.

Cybersecurity as a Risk

Cyber risks have unique characteristics that not many of the more than 60 different risks reported in public companies’ 10-K reporting share. Most other risks and the damage they cause, although highly detrimental to a company, can be assessed and quantified (consider, for example, the cost of rebuilding after a fire). Cyber risk is different because a victim of a cyberattack may never be able to find out who attacked the company or person, where the attack came from, what was taken, or how long the attack had been going on for.

The most striking feature of cyberattacks is their anonymity. It is very difficult to trace an attacker who wants to stay anonymous. An attacker can create dummy corporations, hijack e-mail accounts, and use multiple servers to become virtually untraceable. Another method that hackers use to hide themselves is the virtual private network, which make it very challenging to track where the attack originated. Say the intrusion appears to have come through a server in Singapore. The attacker actually could be in Estonia. Even if you can trace the perpetrator, getting redress would mean international ligation.

What are they taking? Unless the attacker is confronting you with a ransom demand for your data, you may not know what is being taken or corrupted without extensive and time-consuming forensics.

Lastly, how long has this been going on? For the same reasons that it is difficult to identify what is being stolen, the time of the origination of the attack is hard to assess. Often known as “Logic Bombs,” malicious software can lie dormant for long periods, and sometimes years, before it is activated. The classic example is the disgruntled employee who leaves malware that activates itself on the anniversary of his firing.

You Are Not Invulnerable

One of the worse mistakes a board can make is to assume that they are at a lower state of cyber risk, as their corporation is not a bank or does not store credit card information. If the company transfers money and is connected to the Internet, which means just about every company in the United States and many around the world, the company is at high risk for being attacked. Banks and retailers are at extremely high risk. Low risk simply does not exist in the cyber-risk spectrum.

For most companies, the principal vulnerability is economic. Simply put, attackers are trying to make money. Besides stealing information such as employee health care data, or social security numbers that can be sold on the black market, an increasingly popular form of attack is to lock out the company from its data, or encrypt it and charge a ransom to release it or decrypt it.

Brand and reputation attacks are another vulnerability done more to discredit a company’s reputation for either competitive or political motives. To take an obvious example, imagine the damage to a cybersecurity company’s reputation if its own firewalls were breached. Such an attack would deeply harm the core promise that a cybersecurity company makes to its customers to secure its enterprise.

Hacktivism, as the name connotes, is an attack launched based on the attacker’s beliefs and ideologies. For instance, a company that tests its products on animals could find itself as a hacktivism target. Typically, the attacker will post messages about the cause on the company’s website or contact its customers and suppliers.

Lastly, malicious attacks can be launched to inconvenience and disrupt the company such as in the Logic Bomb attack described above. There is usually no economic effect—vengeance is the principal motive.

Since her “arrival” on the FBI’s Top Ten Most Wanted list, Wendy Luscombe has led a real estate investment trust as CEO, served as a director on European and American boards, and studied cybersecurity and cyber-reputation management. All views and opinions expressed here are the author’s own.