"...insights for scaleups"
Update on Cyber Attack (PLEASE READ) -- below are a few very simple, yet critical, things all companies must do to prevent being defrauded like me - I feel so foolish, but first...
Leadership Lessons from a Championship Coach -- Coach John Wooden was one of the winningest Coaches in sports history, but his greatest achievements actually happened off the court. Coach Wooden created a Pyramid of Success, a complete guide to leading yourself and others to a championship life. During his lifetime, Coach taught his Pyramid to high performing CEOs, shared his message with Fortune 500 companies, and mentored many of today's greatest leaders. Now, for the very first time, you can learn to apply his leadership lessons and create championships for your organization. Click here to learn more about a complimentary November 15 webinar hosted by SUCCESS Magazine.
Coaching Replaces Managing -- it's been a constant theme of mine in 2016. No one really wants to be managed anymore - data has replaced management. But we all need coaching. This is why I'm excited about my dear friend Stuart Johnson's (owner of SUCCESS Magazine) upcoming program he's created with some of the top players and influencers surrounding Coach Wooden. Stuart does everything first class, so expect the same from the webinar and program.
Right Players -- and critical to "championships" is recruiting. Two specific articles/blog posts this week by Scaling Up fans/practitioners provide some excellent details around attracting and hiring the right people. The first is by Sukesh Das, Founder & Chief Editor of hrmanagementleaders.com. He opens with the 3 reasons standard job descriptions end up attracting the WRONG talent (he nailed it!). Then he goes on to detail the creation of a Job Scorecard along with an excellent example and sample Job Scorecard. The key is including the OUTCOMES you're wanting this person to achieve. His example really helps to clarify the whole process, worth the 1 minute to read. Thanks Sukesh.
Common Language -- coaches also create a common language to streamline communication. Besides emphasizing the importance of Topgrading in this Forbes article, David Schnurman, CEO Lawline (largest provider of online legal education), goes on to detail how implementing a common language completely transformed his growth firm. Specifically:
Please take 2 minutes to scan through David's article for more details. Thank you David.
Great Coaches Know When to Say No -- and my latest Huffington Post column highlights Scott Smigler's $9.4 million firm EXCLUSIVE Concepts which he founded when he was 16. Like all startups, he said yes to everything. But it was when he started saying no that the business scaled. Harder than it sounds, Scott details his thought process and how his firm has honed in on a specific buyer persona that's helped him break out of a very crowded e-commerce marketing space. He went on to establish 9 measures of an ideal client his sales team uses to evaluate each potential deal. Though he had to turn away 40-50% of business he would have taken earlier, the greater focus has actually sped up growth, though it wasn't easy in the transition. Please take 1 minute to read through the details.
Coaches Provide Sense of Security (PLEASE READ) -- ...and I failed. Wow, first, hundreds of you emailed and shared similar stories - this problem is rampant. And we hosted a roundtable of CEOs at the Growth Summit to further discuss. So what are the lessons:
- I became cavalier/lax about security, thinking it couldn't happen to me. HUGE mistake - and something the hackers bank on - we're easy prey. Read Mark Goodman's bestseller Future Crimes if my experience didn't wake you up!
- Assume ALL your email is being read - and with the "hole" announced yesterday in Microsoft Windows 10, giving hackers deep access (likely the source of my breach), I'm not sure you can keep email safe even using VPNs (strongly recommended, so I'm using them more diligently when I travel).
- I say MIGHT because we don't know. So I've taken the position of Google and I'm building all our financial and sensitive information protocols around one assumption - NO email is safe. I heard of many scams where invoices were intercepted and bank account info changed - so your payables department thinks it's paying a regular bill and wires the funds to the wrong account - ugh. One firm was defrauded $10 million this way.
- So what do you do? It sucks, but ALL financial transactions are now reviewed by me via a PHONE call with TWO people. Then I have to take the time, via my CEO Portal, and use my dongle (key) to OK the transactions.
- NO sensitive info is sent via email - account numbers, credit card numbers, etc. - I make a phone call.
- ALL bank wire info included on invoices is verified by PHONE with the supplier we're paying before being entered into our CEO Portal for dual authentication approval. Once it's in the system, we then pay that vendor via that account - not what might be on a future invoice. And if they send a change of bank info, it's verified via a PHONE call to the vendor (verifying the phone number online).
- Sadly - 90% of theft is an internal job! So build your protocols with this in mind as well. TWO people have to verify everything.
BTW, this is another use of the daily huddle - to verbally verify information. The short of it - you can't trust email, no matter what you do.
And please read J. Paul's email to me (figure the hackers already have!) - lots of additional info and stats around this cybersecurity problem. He shares how one company was defrauded $47 million in a similar scam to mine.
From: J.Paul Haynes [mailto:email@example.com]
Sent: Saturday, October 15, 2016 3:51 PM
To: Verne Harnish <firstname.lastname@example.org>
Subject: Sorry to hear the 400k hack story
Verne - it's been a while since we talked. I think we were doing an Acetech event together. Looks like all is good on your end minus the hacking.
My firm eSentire is a cybersecurity as a service organization that I joined 6 yrs ago. So I feel your pain on the loss. There is even an acronym for it called business executive compromise (BEC). If you want to feel slightly less bad about it, check out the story on Ubiquiti Networks where they lifted $47m = one quarter's earnings using a similar technique.
We were doing 800k per year when I started 6 years ago. We will finish this year with committed SaaS revenue of $30m. We secure over $3.5 trillion of Wall Street assets in hedge funds, PE firms, broker dealers as well as law firms, hospitals and many others. Point is everybody needs help. Ransomware will be the biggest challenge we have had to face as it has the best of the nastiest methods all rolled into one.
Day one we adopted the one page plan and it has been the only management tool/thing that survived the growth. I use with new staff orientation and to get alignment. Call me old school - I like the retro version for us growing at 15-20% per quarter.
The reality is the government knows this is the single biggest threat to the US economy and we see the attack attempts 24x7 every single day. Mid-sized and emerging companies (majority of your subscribers) are the easy prey. Consider this - ransomware will generate $300m in Q4 alone - pays no taxes and outsources development. That leaves a lot of free cash to perfect their tradecraft. What a perfect business. And they probably stole the one-page plan to boot!
Anyways let me know if there is a way I can help.