Issue link: https://nebusinessmedia.uberflip.com/i/593709
www.HartfordBusiness.com November 2, 2015 • Hartford Business Journal 21 BIZ BOOKS George Washington's leadership lessons "G eorge Washington's Lead- ership Lessons — What the Father of Our Country Can Teach Us about Effective Leadership and Character" by James C. Rees with Stephen Spignesi (John Wiley & Sons, $21.95). The father of our country may have been born to lead. How he learned to lead is a tale of openness to experience, personal challenge and humanity. One may ask what a soldier and politician can teach businessmen today. The answer: Washington was a businessman, too. His estate at Mount Vernon housed the nation's largest whiskey distillery, a milling operation and a fishery. His lessons apply today; here are some noteworthy ones: Trust and honesty — Washington realized that people only believed in and followed people they trusted and respected. Honesty is the foundation of trust. The rules apply to everyone — but especially to the leader. In today's society, many leaders, rising stars and superstars expect some slack. Giving it to them creates an organizational cul- ture of privilege, not productivity, because opportunity and reward isn't equal for all. Communication — Choose your words wisely. Washington penned over 20,000 let- ters. He seldom assumed that anything in writing would remain private. With our proliferation of email, no pri- vacy can be expected. He was meticulous about spelling, grammar and punctuation, too. He believed that written correspondence was a reflec- tion on the capability and character of the writer. Send- ing out slipshod communica- tions meant you did slipshod work. Proofread your work; pause before sending knee- jerk emails. Ambition — You need it to lead. It allows you to challenge yourself. Ambition demands a diverse perspective on learning and a respect for the knowledge and opin- ions of others. It requires alliances that can only be built through networking. Wash- ington was an accomplished fencer and dancer because these talents afforded him access to events attended by those in the "right" social circles. He used that access to share his knowledge and learn from others. Today, building internal alliances and active participation in professional associations can propel careers. Blind ambition is another matter. It's based on climbing over people at all costs. Good judgment — Washington believed in informed decisions. He also believed diverse talent, not a group of "Yes Men," was the best source of information. They didn't have opinion polls or political ratings back then; Washington based deci- sions on what he believed to be right rather than expedient. Today, many corporate leaders seem to believe that questionable ways to grow market share and meet Wall Street's estimates are "right." • • • "The Halo Effect … and the Eight Other Delusions That Deceive Managers" by Phil Rosenzweig (Free Press, $17). When it comes to business models, are those of Google or Starbucks so much better than any other companies? Or are these companies just in the right place at the right time? Think Cisco — Wall Street's darling in the late 1990's. It was the most valuable com- pany in the world with a share price of $80 in April 2000. The business press heralded its management as visionary. In May 2001, with its shares selling at $14, the business press tore into it. What had really changed at Cisco dur- ing a year? Management's vision for the firm hadn't changed. Its business model hadn't changed. The business climate changed abruptly as the dot-com bubble was about to burst. Cisco's halo tilted and the press knocked it further askew. The Halo Effect: Things we claim drive company performance are attribu- tions based on prior per- formance. The Halo Effect works insidiously inside the company because it rose- colors strategy, decisions and the competitive view. It ignores that forces outside the firm's control affect the market. The other seven delusions are eye-poppers, too. n Jim Pawlak is a nationally syndicated book reviewer. Jim Pawlak EXPERTS CORNER CT gets tough on cyber security requirements By John Farley O rganizations of all sizes continue to struggle to safeguard their sensitive data and ward off external threats to their network's security. These threats come from all sources, including organized crime groups, state-sponsored actors, "hacktivists" and rogue employees. Their methods of attack constantly evolve and become more sophisticated by the day. Even those with enormous cyber- security budgets find themselves victims of data theft. It has become abundantly clear that cyber security efforts have failed to keep up. In 2015, the issue became personal to one in four Ameri- cans. In February, Anthem announced that 80 million members' personal data, including social security numbers, may have been com- promised by hackers. In June, Connecticut state authori- ties responded with force as Gov. Malloy announced that he signed into law Public Act 15-142: An Act Improving Data Security and Agency Effectiveness. Effective Oct. 1, 2015, it requires: • Free identity theft protection: Should an organization fall victim to a data breach involving social security numbers of Connecticut residents, they will be required to offer at least one year of free identity theft prevention services and identity theft resto- ration services if needed. In addition, it will require companies to instruct affected indi- viduals how to place a credit freeze on their credit file. • Notification deadlines: Companies will be required to notify the affected popu- lation no later than 90 days after discovering the incident. Notice will also be required to the attorney general. • Expanded definition of personally identifiable information: In addition to common identifiers such as social security numbers, Connecticut includes biometrics, like finger prints, voice prints and iris scans in the definition of personally identifiable information. • Cybersecurity standards: Specific industry groups, such as health insurance companies and state contractors will now need to maintain comprehensive data security and information security standards. Connecticut is one of 47 states that has its own specific guidelines organizations must contend with in the aftermath of a data breach. If a data breach affects residents of multiple states, it will require a complex and time consuming effort to sort through all of the state notice requirements. Nine states changed their requirements in 2015 alone, and many more are expected to make revisions in the coming months. This creates additional confusion for any entity that must comply with multiple state man- dates, and could delay notice to affected indi- viduals. This issue has spurred recent federal legislation aimed at streamlining notification and cybersecurity requirements into one uni- fied standard that all states would follow. Connecticut Senate Majority Leader Bob Duff (D-Norwalk) and Attorney General George Jepsen have taken issue with this legislation. While this might alleviate the complexities of sorting through the 46 dif- ferent state statutes, it might also weaken compliance requirements made in states like Connecticut. In theory, it could eliminate the powers of an attorney general to investigate incidents, and limit state's ability to mandate cybersecurity standards and to punish orga- nizations that are not compliant with cyber- security best practices. As state and federal legislation evolves, one thing is clear: Our sensitive data is under constant attack, and a coordinated effort between the public and private sector to protect it is critical. A consensus on how to approach the problem is needed sooner rather than later. Hackers have kept one step ahead, and appear to be winning the fight for our data. n John Farley is vice president and cyber risk practice leader for HUB International, a global insurance brokerage with offices throughout North America. John Farley ▶ ▶ Washington realized that people only believed in and followed people they trusted and respected. Honesty is the foundation of trust. ▶ ▶ It has become abundantly clear that cyber security efforts have failed to keep up.