Is Your Company Ready for a Cyberattack?

MIT Sloan Management Review

The U.S. military views cyberspace as a critical domain it must protect — similar to air, sea, and land. It regularly conducts war games to expose and eliminate risks to data and networks and to test its cyber defense tactics and strategies. As part of that effort, the military and other government agencies, including the U.S. Department of Homeland Security, have launched “bug bounty” programs that reward so-called ethical hackers (people hired by organizations to hack into their computer systems) for identifying and repairing potential vulnerabilities.

Companies face many of the same cyber risks as military and government agencies, and many of them are investing in similar capabilities to protect themselves. Goldman Sachs, for example, plans to put more than 8,000 developers through a gamified cybersecurity training program to help them gain a deeper understanding of attacker psychology and the range of countermeasures they might take. During this program, teams will compete against one another in games that feature more than 300 risk scenarios to develop and hone skills in malware analysis, digital forensics, and ethical hacking. Other companies, such as Intel, are taking steps to identify problems early — for example, offering rewards as high as $250,000 to security experts who identify vulnerabilities in their products. Such open invitations to engage hackers have helped organizations uncover and address real risks.

Increasingly, cyber exercises are becoming standard elements of corporate risk mitigation and resiliency efforts. In this article, we will describe some of the exercises companies are employing. They include “tabletop exercises,” which are designed to help executives envision how they would handle different risk scenarios; “red team exercises,” which are designed to ferret out weaknesses through contained attacks conducted internally to see how cybersecurity teams respond; as well as engaging ethical hackers to test an organization’s cybersecurity defenses.

Tabletop Exercises

Tabletop exercises are carefully planned events that simulate actual cyberattacks, thereby helping organizations identify specific vulnerabilities and define processes, procedures, and individual responsibilities needed to make systems secure. However, it’s important to note that tabletop exercises aren’t just about “defending the castle” against attacks; they can also teach a company’s leaders to manage through the attack and after the attack to remediate damage. In a way, the exercises serve as an X-ray into the organization’s cyber weaknesses. They can help companies accelerate their reaction time and build resilience by testing their preparedness for different types of scenarios, including external attacks and internal data breaches.

Typically, companies establish teams of people from different levels and areas of the business (including security specialists). The teams are asked to react to scenarios and puzzle through a series of questions. For instance: If data security is breached and sensitive customer data is stolen, what would the company need to do? How would the company detect an attack? How rapidly could it respond? Could the attack actually be a smoke screen to divert attention from another (perhaps even larger) attack on another flank? On a practical level, the tabletop exercises are designed to help companies figure out who is accountable for carrying out what actions — and what information needs to be communicated to customers, staff, the media, regulators, police, and government officials.

The right response may vary depending on the day, the time, or the time of year. For example, an attack on a financial firm on a weekend or holiday may call for a different response than what’s required during a normal trading day when more security experts and managers are immediately on hand to deal with the problems. Other types of risks arise when companies are preparing to announce quarterly financial results. Attacks during these periods can lead to corrupted data and may prevent IT systems from generating the necessary information. In such cases, the best response is usually to suspend service and redirect users to centers where the digital services have not been compromised.

Because many day-to-day processes regarding data and privacy rely on human judgment rather than controls that are coded into systems, tabletop exercises can also uncover vulnerabilities unrelated to networks or software. Indeed, in any organization, people and devices are the weakest security link. For example, one company we worked with discovered through a tabletop exercise that its backup customer relationship management and order system provided relatively easy access to a variety of corporate systems and databases; among other weaknesses, it used non-expiring passwords. This meant that any hacker who broke into the system would have potential access to personal information on employees. Another company found that would-be hackers could see pending trades that were being shared internally by email in unencrypted Excel spreadsheets.

Although tabletop exercises typically focus on how individual companies should prepare for a cyber crisis, some industry organizations have undertaken the exercises industry-wide. For example, the Financial Systemic Analysis and Resilience Center, a group formed in 2016 by eight large U.S. banks, conducts massive-scale tabletop exercises in which it explores and analyzes cyber strategies for the entire North American financial services sector.

Red Team Exercises

The U.S. military has turned building defensive capabilities and reducing vulnerabilities into a regular training activity. The idea is to test force readiness, with one group of security experts (the red team) focused on exploiting weaknesses in a second group (the blue team). The blue team’s job is to test its defenses and protect the security of its “crown jewels,” which include everything from customer data and R&D reports to control codes and technical specifications. In advanced organizations, the goal is to conduct realistic tests of the responsiveness of a company’s core security operations while taking care to prevent damage to people, live data, or equipment.

Staging red team attacks can help companies test their cybersecurity preparedness and their abilities to defend against actual or potential threats to their customers, the organization, or the broader system they operate in. For example, drawing on what’s known about the latest machinations of bad actors and publicly available information about a company, a red team might attempt to gain access to the company’s network and then try to blend into the normal data traffic. Depending on how red team exercises are structured, defenders may or may not know about the exercise in advance. Some companies keep score between the two teams to foster competition.

Engaging Ethical Hackers

Finally, companies can hire ethical hackers to conduct surprise attacks on their products and networks. They can follow the example of the Pentagon, which has been able to identify and remediate some 4,000 security vulnerabilities through its bug-bounty program. Among other things, the hackers found security gaps that enabled people to bypass authentication procedures or to inject bugs into the system.

Automakers Fiat Chrysler and General Motors, for instance, are taking this approach, offering bounties to individuals who uncover weaknesses in software related to their cars. In the world of cryptocurrencies, Coinbase, a digital currency exchange, has positioned itself as a trailblazer in hacker-powered security; it works with HackerOne, a bug-bounty platform, to engage some of the most persistent ethical hackers.

Mounting concerns over cyber threats have prompted some companies to develop their own cybersecurity tools to essentially crowdsource ethical hacking. In the past few years, Netflix, for example, has developed more than a dozen applications to analyze security threats to its data and systems. It has released the applications, many of which are geared toward distributed software development organizations, as “open source,” which permits other companies to use or modify them for their own purposes without paying a licensing fee. The added benefit is that the original tools are improved in the process. For its part, IBM has a practical and proven approach to ethical hacking, with standards, training, and certifications to enable it to deploy proficient hackers in large numbers.

Security experts often say there are two categories of companies: those that have been attacked and those that don’t know they’ve been attacked. In today’s environment, learning what it takes to fortify your cybersecurity team and business from cyberattacks needs to be an ongoing activity. If — or when — an attack occurs, your company’s ability to aggressively isolate the problem, and then mitigate and restore normal activities in a timely manner, could define the future of the business. Cyber games can help you understand where to focus resources to improve your readiness and resilience.

Download this report free for a limited time. Register to download the report

Download the Report

Sponsored by:


Leading marketers in the travel sector use machine learning (ML) not only to measurably improve business outcomes but to fundamentally redefine what those outcomes should be. Simply put, ML is helping travel marketers learn more about what outcomes should matter most. In particular, they’re deploying ML to learn much more about their customers much faster. ML is making travel marketing analytics more predictive.

Our recent global executive study of strategic measurement reveals that a majority of travel marketers embrace ML: 70% of marketing executives in travel have incentives or internal functional (marketing-specific) KPIs to encourage the adoption of ML technologies to drive marketing activities, and 79% report that they invest in new skills or training to make marketing more effective in its use of automation and ML. (See Figure 1.) Measured according to our KPI Alignment Index (discussed in more detail in the “Leading With Next-Generation Key Performance Indicators,” report1), a larger percentage of travel respondents are, relative to the overall sample, advanced users of KPIs. In sum, the travel industry is a quantitatively sophisticated sector making investments in training marketers in ML.

Figure 1: Machine Learning Across Industries: Belief, Investment, and Incentives

Machine Learning in the Travel Industry

The research and analysis for this report was conducted under the direction of the authors as part of an MIT Sloan Management Review research initiative, sponsored by Google, in collaboration with Think with Google.

To drive greater returns on their ML investments, aspirational travel marketers need to recognize and embrace the following trends.

The Emergence of New KPIs

Using ML primarily to improve or optimize legacy KPIs can be a fool’s errand. Travel industry marketers — who often confront born-digital disruptors, increasing globalization, and tourists who’ve made “selfies” an integral part of the travel experience — recognize that new value creation demands new metrics to assess it. Using 100 times more data to wring greater efficiencies from existing KPIs isn’t good enough; serious marketers look at orders of magnitude to spark novel insights and test new business hypotheses. ML makes that kind of data exploration fast and feasible. Unsurprisingly, born-digital platform-oriented travel companies appear quick to use more data and more innovative analytic techniques to bring new KPIs to their operations.

Machine learning is an artificial intelligence discipline geared toward the technological development of human knowledge. Machine learning allows computers to handle new situations via analysis, self-training, observation, and experience.i

As short-term rental company Airbnb set out to generate revenue and additional market penetration by converting guests into hosts, new KPIs surfaced. The campaigns to encourage travelers to rent their properties varied market to market. In some, the company used email marketing; in others it employed more traditional campaigns using radio. In all cases, these were a collaboration between two functions: marketing and operations. “It was a shared KPI,” explains former Airbnb CMO Jonathan Mildenhall, “because operations teams driving the business would come to us and say, for example, ‘In this market, in Seattle, we want to recruit hosts. And these efficiency targets, marketing, how might we meet those targets?’”

About the Research

This report explores some of the key findings from the authors’ 2018 research study of KPIs and machine learning in today’s corporate landscape. The research, which included a survey of 4,700 executives and managers (more than 1,600 in marketing) and interviews with more than a dozen corporate leaders and academics, has far-reaching implications for modern businesses.

We surveyed 326 senior marketing executives and managers in the travel sector about their use of KPIs and the role of machine learning in their marketing activities. Thirty-one percent are from companies with at least $1 billion in annual revenue. Most of the companies are equally focused on business customers and consumers (42%), followed by B2B (32%) and B2C (25%). Ninety-three percent of the companies are at least 5 years old, with the largest group (48%) between 10 and 25 years old.

Realigning Marketing With Operations

The airline industry’s use of shared KPIs points to where other industries (and companies like Airbnb) are headed. At JetBlue Airways, Marty St. George explains his role as chief commercial officer with a marketing team reporting to him: “We never really had CMOs in this business. It’s always been more of a chief commercial officer or chief revenue officer, a job where you’re controlling all pieces of the business that are tied to revenue.” It’s no surprise that 71% of travel marketing executives have visibility into other C-suite leaders’ KPIs.

Siloed information can stymie marketers’ use of ML. The sales function, for instance, typically has a great deal of data that marketing can use to build its own ML algorithms. As ML use increases throughout the enterprise, marketers have the opportunity to align KPIs and ML capabilities. Partnerships between marketing and other internal groups become practicable — and, in some cases, vital — to provide access to data. St. George explains that JetBlue recently appointed a central data scientist to “make sure that all the databases talk to each other and, in fact, agree” to facilitate the design of seamless customer experiences.

More Opportunities for Personalization and Customization

Today’s savvy, selfie-taking travel consumer expects personalized assistance at every touchpoint. That’s why so many top-tier travel enterprises see ML as personalization engines that convert huge volumes of customer data into more bespoke insights and offerings. Preserving the customer loyalty of a “TrueBlue” frequent flyer is one thing; converting that loyalty into exploring vacation packages and travel bundles is quite another.

St. George notes, “We track your digital journey to make sure that we make it as easy as possible.” Understanding customer travel behavior has led to the creation of new products for the carrier, including JetBlue Vacations, which creates customized itineraries for consumers. Similarly, Airbnb’s Experiences platform, which enables hosts to share not only their homes but also their knowledge of local environments, generates new data sets as hosts and travelers alike use this service. Airbnb’s marketers can use its recommender systems to suggest personalized travel packages to users that integrate host offerings.

Machine Learning: Just the Ticket

Marketing executives in the travel sector are well aware that ML is a source of strategic benefit, and they have embraced the technology accordingly. Mildenhall observes that these days, everything in the travel sector — the consumers, the competitors, the technology itself — moves fast. To keep up, he says, “you need real-time data that’s driving real-time strategy that’s driving real-time market implementation.” ML technology, together with the appropriate functional KPIs and structure to support it, will most likely play an expanding role in the data-driven travel marketer’s toolkit.
Prasatporn Nilkumhaeng/EyeEm/Getty Images

No industry is failing faster than retail. Just last month, the 125-year-old Sears—once the world’s largest retailer—filed for bankruptcy. The public has more or less come to expect the shuttering of stores such as Macy’s, Sears, Toys ‘R’ Us, Kmart, Kohl’s, J.C. Penney, and Barnes & Noble. The ones that manage to escape are discount chains—such as T. J. Maxx and Marshalls—which compete aggressively on price.

Price competition hurts. It also hurts the brands sold inside the stores, which in part explains why consumer product giants like Procter & Gamble are seeing their sales stagnate for products like Tide detergent, Gillette razors, Pampers diapers, and Crest toothpaste.

A recent report by the consultancy BCG documented a general decline in sales among consumer packaged goods (CPG) companies in the United States during 2017, with mid-sized and large companies losing market share and small companies increasing theirs. Consultancy Catalina also revealed that 90 of the 100 top brands had all lost market share. In dollar terms, small players—defined as those with sales less than $1 billion—grabbed approximately $15 billion in sales from their larger peers between 2012 and 2017.

Shoppers now purchase more online, making fewer trips to stores and seeing fewer in-store promotions. A small but trendy razor club with a hip logo, Harry’s, attracts more Instagram followers and product subscriptions through its website than a fully stocked Gillette aisle in a supermarket ever could. And so Harry’s has been growing 35% year-on-year between 2014 to 2016, three times faster than the industry average, commanding 9% of all online razor sales.

Whereas the Gillette aisle in the local supermarket targets exactly one neighborhood, Harry’s website reaches millions. Harry’s bolsters the subscription habits of its recurring consumers, whereas Gillette relies on in-store impulse buying. When someone buys a razor in a store, Gillette has no clue who’s buying what and when; Harry’s knows it all.

Newcomers like Harry’s still represent only a fraction of the overall market, but they’ve captured the majority of the growth in that time—a defining feature of disruptive innovation. That’s why P&G has been restructuring for 20 years “without much to show for it,” according to one former finance manager. No matter how well P&G reorganizes itself, it can’t reverse the decline from $83 billion in sales in 2008 to $65 billion in 2017 without learning some new tricks.

I came across a report by the Wall Street Journal about Johnson & Johnson and how the sluggish sales of its baby shampoo have forced the company to make a desperate bet. J&J will take out the yellow dye from its iconic golden-hued baby shampoo and make it clear. Whether this will help J&J in the long run, no one knows. But the sluggish sales reflect the same dynamics that P&G’s been facing: market share lost to smaller brands, over-reliance on traditional retailers, and an inability to create direct relationships with consumers at a time when e-commerce is exploding.

Last year, P&G went to war to clean up the online ad market and used its pull as the world’s biggest advertiser to squeeze more information about the effectiveness of digital ads out of Google and Facebook. It slashed digital ad expenditures by more than $200 million and issued an ultimatum for tech firms to become more transparent. That’s a good start. But it also needs a new vision.

Activist investor Nelson Peltz, who sit on P&G’s board, has such a vision. He argues that P&G “must acknowledge that others will inevitably come up with new ideas, new opportunities for growth, and new products that are on-trend with consumers.” He also suggests that “P&G must be proficient at acquiring small, mid-size, and local brands and using its R&D and marketing clout to take them to the next level.”

What Peltz suggested is exactly what Xiaomi is already doing.

By March 2016, Chinese smartphone maker Xiaomi had invested in some 55 startups, generating products from power banks to air purifiers. Of these companies, 29 were incubated from the ground up by Xiaomi, and four were already unicorns worth over $1 billion. What Xiaomi offers to startups is a combination of funding and incubation by “taking non-controlling shares” and “leaving maximum interests to the startups” so that “they are much more incentivized and willing to fight on the front line,” explained Liu De, co-founder and vice president of Xiaomi.

Startups typically get access to Xiaomi’s brand and distribution—its online channel, its app, and its 300 offline stores. As a result, Xiaomi is poised as not only a low-cost phone maker but also an emerging powerhouse among the makers of the all-important “connected home devices.” “Our ecosystem even gives customers unusual new products that they never knew existed,” said Wang Xiang, Xiaomi’s senior vice president, referring to the company’s Bluetooth speaker, internet-enabled rice cooker, and air purifier (the first affordable one in China)—products that the company claims are not only best in class but also cost less than their existing counterparts.

P&G should follow suit. It can no longer be a mere “industrial corporation with a future based on technology” but rather must become a house of startup brands that runs pop-up stores, makes home deliveries, celebrates communities with parties, fosters subscription models, and curates compelling product personas, all while gathering comprehensive consumer data to guide new product innovation. In effect, it becomes a sort of coherent conglomerate. It makes a lot of bets, owns numerous largely separate businesses, but uses a few key centralized capabilities like branding and retail distribution to provide each of its subsidiaries with something independent CPG companies can’t match.

This structure would better enable P&G to copy what scrappy upstarts like Harry’s or Warby Parker do. These startups, despite being manufacturers, digitalize all customer touchpoints (like Netflix), control the user experience by forward-integrating into the brick-and-mortar realm (like Amazon buying Whole Foods), and then run data analytics to optimize merchandise mix and inform product innovation (like Alibaba’s Taobao).

So, are such steps too bold for a $235-billion (market cap) company from Cincinnati? The 180-year-old house of brands hasn’t managed to survive this long without making bold steps in the past.

When the first boxes of Tide went on sale in 1946, it was the first synthetic detergent that could deep-clean clothing “without making colors dull or dingy.” Before Tide, all soaps were “naturally” made by heating animal or vegetable fats with water and an alkali base. The benefits of a synthetic detergent that makes “white clothes look whiter” were so apparent that within just three years, Tide outstripped all other brands on the market and became the number one detergent. In the wake of Tide’s introduction, P&G would “no longer be a soap company” but “would become an industrial corporation with its future based on technology,” its technical staff body tripling that of the pre-Tide year of 1945.

But inside P&G, managers had feared the new products might cannibalize their beloved Ivory soap. Only Chairman William Cooper Procter, the last family manager of P&G, remained a staunch supporter of synthetic detergents. In a memorable remark addressed to his staff, he said, “this [synthetic detergent] may ruin the soap business. But if anybody is going to ruin the soap business, it had better be Procter & Gamble.”

P&G made bold moves to save itself in the past. Now it just needs to rediscover that chairman’s mentality. And that might well go for any consumer brand, not least P&G, looking to escape the utter ruins of the retail wasteland.

Internal communication is more important than ever. Companies need to communicate strategically and frequently with employees, sharing messages that are relevant and accessible. Businesses that don’t communicate in ways that resonate with their workforce find themselves paying the price in high turnover.

In the past, internal communications strategies that focused on efforts such as low-readership employee magazines or in-house intranet content often earned a reputation for draining resources without having much impact. But investing in an internal communications strategy that leverages mobile app technology can play an integral role in reaching employees, connecting strategy with operations and helping companies thrive, according to new research by Staffbase.

Employee apps are being adopted as a mobile solution for reaching employees via their personal smartphones/tablets—often with push notifications. An app can be an effective and secure channel for connecting dispersed workers who lack corporate email addresses or regular access to desktop computers, such as non-desk and/or remote workers, as well as freelancers, non-contract employees, temps, etc. As more and more people work this way, an employee app can provide them with easy access to corporate information and workplace tools, targeted for practicality and relevance, and promoting alignment and engagement.

Businesses Are at an Internal Communication Crossroads
Communication professionals try to utilize every available resource to reach their audience during times of change, to be a powerful voice in their lives, and to foster connections—but too often they aren’t getting through. Reach and relevance have become the greatest weaknesses of internal communications. However, new mobile communication technology can help companies reach employees directly when it matters most, targeting them with timely and vital information.

Surveys show that companies that optimize internal communication improve efficiency, compliance, and customer satisfaction, and have reduced risk and turnover. Research by Staffbase shows that a mobile employee app dramatically improves internal communication, and it identified four areas where companies can see concrete ROI.

Enabling Middle Management Communication Improves Work

Middle managers and operational leaders often hold the information that influences day-to-day business operations and guides employees in their jobs. An app allows communication professionals to identify influencers in that group and empowers them to distribute job-critical information.

Staffbase research found that effective delivery of safety information can lower the incidence of work accidents and reduce costs of occupational injuries and illnesses by 31 percent. The research also found that when apps are used by operational leaders to provide training and guidance for frontline workers, customer satisfaction (measured by Net Promoter Score) can rise at least 10 percent. For every 10 percent increase in customer satisfaction, companies increase revenue by 7%.

In 2017, German transport company Reinert Logistics implemented an employee app with their workforce, of which 83% of employees are non-desk workers. The company enabled operational managers to share safety videos and provide easy access to tools that helped with daily tasks, thus reducing incidents resulting in damages to company assets by 15%.

Reduce Wasted Time and Boost Revenue Per Employee

Studies by IDC, the Working Council of CIOs and Reuters show that employees spend on average 20% of their hours searching for information necessary to do their jobs effectively. While knowledge and non-desk workers differ in the kinds of information they need and at what frequency, the relevance of this issue for non-desk workers cannot be underestimated. A company using an employee app can modestly expect to reduce time wasted on these activities by 15%, increasing revenue per employee by 5%.

Troy Griggsby, Communications and Brand Manager at US Auto Logistics (80% non-desk workers) helped launch their employee app in 2017. Several months after implementation he reported, “The employee directory alone is pure gold. We’ve learned that some of the things that seem like small inconveniences of outdated communication are really decisive in how well employees can do their jobs. The employee app addresses a lot of inefficiencies that hinder the day-to-day activities that keep our business running smoothly.”

When Employee Engagement Rises, Turnover Plummets

Gallup’s most recent State of the American Workplace survey revealed that only 33% of US employees said that they were committed to their work. The same research found that the turnover rate for disengaged employees is 10 percent higher than engaged employees. Mobile employee apps reach all employees through a medium that is central to their everyday communication habits, and integrate features designed to keep employees engaged. Turnover risk drops significantly for engaged employees, a Gallup poll shows that engaged employees are 27% more likely to report excellent performance.

The research by Staffbase found that by capitalizing on the reach of mobile devices and creating relevant experiences and opportunities for reciprocity, mobile employee apps dramatically boost employee engagement. Companies utilizing an employee app were found to drive engagement levels to above 75%, which can save them anywhere from 25 to 65% on turnover costs.

Addressing Change-Related Stress Increases Performance

Technology has given everyone a voice, but companies are struggling to make themselves heard and understood. This is especially problematic when successful change depends on the cooperation of the workforce. Gartner reports that employees experiencing change-related stress perform 5% worse than average. Staffbase research found that through better reach and feedback opportunities, an employee app could reduce change-related stress by at least 2%, lowering related revenue loss by 41.2%.

Mergers and acquisitions involve complex organizational change, with fail rates from 50 to 75% according to research at Northwestern School of Education and Social Policy. Global refractory leader RHI Magnesita, with 14,000 employees (60% non-desk), went live with an employee app on day one of their 2017 merger. The app played a crucial role in maintaining performance during this period. The company finished 2017 with 11% revenue growth and their app was recognized with several awards for outstanding corporate and workplace communication.

Decision Makers Are Providing Proof

Transforming internal communication to meet the demands of the changing business landscape and those of modern employees is complex. Research on internal communication continues to offer new insights, but powerful evidence of the necessity of a communication transformation also exists in the growing number of companies investing in 21st-century strategies. Their success stories were the catalysts for the full report on the value of an investment in mobile internal communication.

Read more here.

Ellen van Bodegom/Getty Images

To retain talent, most organizations offer the typical things: free coffee and tea in the break room, competitive benefits, generous raises and bonuses, and employee recognition programs. But none of that works for an employee who doesn’t feel comfortable in his or her work environment. Picture, for example, a Muslim who prays in his car because he doesn’t want to advertise his religion, a mother who doesn’t put up pictures of her children so that coworkers won’t question her commitment to the job, or a gay executive who is unsure whether he can bring his partner to company functions.

Employees who differ from most of their colleagues in religion, gender, sexual orientation, socio-economic background, and generation often hide important parts of themselves at work for fear of negative consequences. We in the diversity and inclusion community call this “identity cover,” and it makes it difficult to know how they feel and what they want, which makes them vulnerable to leaving their organizations.

You and Your Team Series Retention
How to Lose Your Best Employees
Whitney Johnson To Retain New Hires, Make Sure You Meet with Them in Their First Week
Dawn Klinghoffer et al. Why Great Employees Leave “Great Cultures”
Melissa Daimler

Most business leaders understand the diversity part of diversity and inclusion. They get that having a diverse workforce is important to customers and critical to succeeding in a global market. It’s the inclusion part that eludes them — creating an environment where people can be who they are, that values their unique talents and perspectives, and makes them want to stay.

The key to inclusion is understanding who your employees really are. Three of the most effective ways to find out are survey assessments, focus groups, and one-on-one conversations. To be effective, however, they must be approached in a way that accounts for the fact that people — particularly those in underrepresented groups — can be more difficult to get to know than we think. Here are some best practices for getting to the heart of who your employees really are:

Segment employee engagement survey results by minority groups.

Many organizations conduct employee engagement surveys, but most neglect to segment the data they collect by criteria such as gender, ethnicity, generation, geography, tenure, and role in the organization. By only looking at the total numbers, employers miss out on opportunities to identify issues among smaller groups that could be leading to attrition, as the views of the majority overpower those of minorities.

In 2015, for example, women constituted 52% of the new associate class at global law firm Baker McKenzie, but only 23% of the firm’s 1,510 partners. To find out what was keeping women from advancing to senior roles, I asked our researchers to segment the results of a firm-wide engagement survey to examine responses from women lawyers. Based on that data, we learned that many of the firm’s women associates didn’t want to be partner nearly as much as their male counterparts.

That prompted us to launch a follow-up survey to find out why, which revealed four things that would make partnership more attractive to women: more flexibility about face time and working hours, better access to high-profile engagements, greater commitment to the firm’s diversity targets, and more women role models. Those four things became the basis for an action plan that included, for example, a firm-wide flexible work program that promoted remote working. By 2018, the percentage of women promoted to partner had risen to 40%, up from 26% in 2015.

Use independent facilitators to conduct focus groups.

Focus groups are another way to gain deeper insight into what employees care about and the issues that may be causing frustration and burnout.

One company-wide employee engagement survey conducted by a $15 billion food company showed that the employees in the Canada office had much lower work-life integration satisfaction scores than those in other countries. After conducting a series of focus groups to find out why, we discovered that many employees were receiving emails from their managers on weekends and feeling obligated to respond even when their managers told them not to until Monday.

We also learned that the leaders in that office were often tied up in meetings all week and used the weekends to catch up on email. When we asked the employees for solutions, they suggested banning emails on weekends and not having any meetings on Fridays so that managers could use that time to catch up on correspondence. After the office implemented these new policies, employees reported being happier and less stressed when they survey was conducted a year later.

These groups are best facilitated by an outside company or trusted diversity and inclusion professionals who don’t have a vested interest in the outcome so that employees can speak freely.

Get personal in one-on-one discussions.

A one-on-one discussion with a manager can be the most powerful tool for finding out what an employee cares about. But for these conversations to be effective, the manager needs to have an open-door policy and exude a “tell me anything” persona. One way for managers to prove they are trustworthy is by sharing their own thoughts and feelings when they are tired, sad, or struggling with an issue. It helps show they’re human.

Michael Santa Maria, who chairs Baker & McKenzie’s North America International Commercial and Trade Practice, tells his employees repeatedly that he wants them to succeed both at home and at work, and he takes an active interest in their families. His philosophy is that it’s hard to succeed at work when things at home are failing, and he openly talks about his family to his staff and even clients. The fact that he is open about his personal life makes his staff more comfortable sharing their own personal details — even those that may differ from the majority of their colleagues.

The road to retention

In an ideal world, all leaders would be adept at understanding their employees and making sure they didn’t lose any through neglect or ignorance. In the real world, however, most aren’t tuned into the factors that can get in the way of knowing what’s important to employees both individually and collectively. Tools such as segmented engagement surveys, focus groups, and personal conversations can guide management in taking the actions that will help keep their talent engaged and committed to the organization. The first step in retaining more employees is to use these tools.

Prapass Pulsub/Getty Images

News that General Motors plans to cut up to 14,800 jobs in the U.S. and Canada was initially reported as a conventional business-cycle adjustment — a “trimming of the sails.” The main causes of the cuts were understood to be slowing demand in the U.S. and China, slumping demand for sedans, and the need to reduce over-capacity in North America.

Then the story turned political, as President Trump lashed out at GM while some observers framed the news as a blow to the president’s promises to bring jobs back to the U.S. heartland.

And then others focused on the community disruption of plant closings in the Rust Belt and how it might be mitigated.

While all of those perspectives are relevant, the most revealing aspect of GM’s announcement may well be what the layoffs say about broader technology trends. GM’s layoffs are not just incremental but existential, in that sense: They are about accelerating the staffing changes mandated by the company’s aggressive transition from analog to digital products and from gasoline to electric power. As such, the new layoffs (and associated future hirings) are likely an augury of much more disruption coming — in the auto sector, for sure, but also in firms all across the economy.

Central to GM’s announcement is, in our view, what we call the “digitalization of everything.”  By that, we mean that GM’s layoffs significantly reflect the talent and workforce strains associated with the diffusion of digital and electronic technologies into nearly every industry, business, and workplace in America.

Specifically, the advent of consumer electronics, IT, electric and battery powered drivetrains, and — soon — autonomy in the automotive industry are placing excruciating new demands on its workforce, and forcing painful change. Where once the auto-sector workforce was anchored by workers responsible for mechanical and machine-maintenance roles, the need for electrical skills is now growing exponentially due to the increasing electrical and electronic content of the car. Likewise, where mechanical engineers once predominated, the original equipment manufacturers (OEMs) are increasingly looking for software engineers, energy management experts, and data scientists able to build electric and self-driving vehicles.

Our recent analysis of the digital content of hundreds of occupations in the American economy shows that the digital content of auto work has soared in the last 15 years, with huge implications for workforce development in the sector. The mean digitalization score of workers in the advanced manufacturing sector, of which auto is a part, surged 60%, from 24 to 39 since 2002. This has reoriented the occupational mix of the industry, changing its hiring needs and layoff decisions.  As of 2016, for example, the fastest growing occupations in the auto sector were computer network support specialists and software developers while two of the fastest shrinking were drilling and boring machine operators and sheet metal workers. Similar patterns of cutting and hiring are visible in last week’s announcement.


Nor is that all: Look for more of the same in the future — from GM, and from all other companies in the sector.  According to our calculations, employing task-level work assessments provided by the McKinsey Global Institute, nearly 65% of all auto-sector jobs have task-level automation potentials of at least 70% in the next 10 or 15 years, meaning they are potentially susceptible to significant work changes, if not termination. With that said, as one of GM’s statements last week noted, “GM’s transformation also includes adding technology and engineering jobs to support the future of mobility, such as new jobs in electrification and autonomous vehicles.”


In that vein, last week’s layoffs surely were a response to changing near-term market conditions. But beyond that, the cuts went much deeper, to respond to massive, technology-driven changes in the nature of the work at hand.

As to what needs to be “done” about these transitions, the proper response almost certainly bears no resemblance to any of the ideas President Trump offered last week.  Trump is fuming at the plant closures, and appears to want to reverse the actions GM is taking to stay ahead of emerging technology and skills changes. To that end, Trump called on GM to close one of its plants in China.  And he threatened to strip the company of modest federal incentives to stimulate electric car production. However, that would only hurt GM’s and America’s competitiveness by hindering the company’s plans to invest more in the technology and people needed to produce electric and self-driving cars as those become viable products.

What should be done instead? As a nation, we should be embracing transformative technology and its widespread deployment whether it be electrification and hyper-efficient batteries in the auto sector or automation and AI more broadly. Likewise, we should be increasing our investments in education and workforce training (and re-training), with a focus on digital skills. Only in that way will workers be able to ride out the coming waves of tech-driven staffing changes. And finally, the nation needs to do much more to provide basic supports for people and places struggling with the harsh impacts of labor market change. To be sure, workers must adapt, but firms, governments, and regions all have a responsibility to help.

All of which is to say: GM’s announcement of layoffs last week is much more than a routine course-adjustment by a company alert to market softening after a good run.  Rather, it’s a wake-up call about the labor market implications of the “digitalization of everything.”

McKinsey Insights & Publications
Amid a raft of new duties for CFOs, our survey suggests that finance leaders are well positioned to lead the C-suite agenda by championing transformations, digitization, and capability building.
McKinsey partners offer perspectives on the most crucial elements to become a truly agile organization.
By redirecting resources and employees to higher-value areas, companies can ensure that organizational structure and spending align with business strategy.

No comments