The executive-search firm polled nearly 500 directors of a wide range of types and sizes of publicly held enterprises, more than 70 percent of whom identified themselves as outside directors. Here were some of the biggest things on their minds.
Spooked by cybercrime: Directors indicated that 80% of them had covered “cyber risk” as an agenda item in the previous 12 months. Yet they shared uncertainties that today’s boards are prepared enough to tackle the issue competently. Only 15% were “very confident” their board is adequately overseeing cybersecurity risks; 63% were “somewhat” confident; and 23% were “not confident.”
Uncertain about social media: Directors surveyed recognized the importance of getting a handle on social media and its opportunities and risks, especially as more CEOs themselves harness such outlets for their communications. But only 35% of respondents said their board had discussed social media risk as an agenda item in the previous year.
Responsive to shareholder activism: More directors are sensitive to the demands of greater shareholder activism and believe their boards should do a better job of preparing for the day when their company deals with that as an issue. Yet nearly 60% rated their board’s understanding of its investor base as good, while 29% rated it as excellent. Only 12% said fair and 1% poor.
Against mandated board diversity: Some western countries mandate changes in board composition, but American directors—more than 70% of survey respondents—strongly disagree with that premise. Nearly two-thirds, or 65%, said companies shouldn’t have policies about how long directors should remain in place before the board needs refreshment. Yet nearly half of those surveyed believe there is still an inadequate supply of diverse board candidates, and nearly 70% believe boards ought to voluntarily set diversity goals and agree that a more diverse board stimulates better decision-making.
Unsure how much more they can do: Fifty-five percent of directors surveyed don’t believe it’s reasonable to expect that a public-company board can ever fully get its arms around all the different aspects of risk in the current corporate environment, particularly technology risks.
These results show that boards need to spend time discussing and working on current issues that present risk, and that having a ‘risk expert’ on the board might be beneficial for all.