PwC Chairman Aims to Keep Millennials Happy
By JAVIER ESPINOZA
WSJ, July 11, 2011
http://online.wsj.com/article/SB10001424052702303365804576434223787503598.html
When Dennis Nally started at PricewaterhouseCoopers LLP 37 years ago, the business was simpler, says the chairman of the accounting and management-consultancy. Back then nearly 80% of firm revenue stemmed from PWC audit work in the U.S.
Today, the company has 175,000 employees operating in 154 countries. And about half of PwC's global revenues derive from tax and advisory work, which includes consulting on operations, human resources and M&A, among other things.
About 18% of the firm's revenue comes from work for clients in developing markets in Asia, the Middle East, South America and Africa. Over the next five years, the company expects this to grow to 40%, as its clients become increasingly focused on emerging markets.
Recruiting and hiring, particularly in those markets, is the biggest challenge the firm and its clients are facing, says Mr. Nally. As evidence, he quotes from PwC's annual global CEO survey, released in April, in which more than 90% of the business leaders surveyed said that they are focused on making significant changes to their human-resource policies in the next 12 to 18 months.
The Wall Street Journal spoke with Mr. Nally in London where he talked about hiring and the importance of keeping the so-called millennial generation happy. Edited excerpts:
WSJ:How do you define talent?
Mr. Nally:Having the technical skills is important but that's almost a given these days. [Talent is also] having the right softer skills in terms of being [able] to work in a collaborative environment, teaming with people, good communication skills, good sensitivities to cultural diversity.
WSJ:What's the biggest challenge for companies when trying to recruit talented staff?
Mr. Nally:The competition for talent in the emerging markets has never been greater and that's placing a lot of pressure on salaries. Having a competitive compensation base is really important. It's [also] about how to create an environment where people want to be. This millennial generation is not just looking for a job, they're not just looking for salary and financial benefits, they're looking for skill development, they're looking for mobility, they're looking for opportunities to acquire different skills and to move quickly from one part of an organization to another. How you manage that sort of talent and how you deal with their expectations is very different from what's been done in the past.
So, clearly articulating your people strategy, what you can deliver and importantly what you expect in return is key. Connecting with your employees so they understand you can deliver the career they want is key.
WSJ:How do you go about creating that connectivity?
Mr. Nally:The human capital agenda has to be driven by the CEO. It's so strategic today that you want to have great support coming from the HR organization, but if this isn't viewed as just as strategic as new products and services or research and development, [it] won't be successful.
WSJ: Why is this thirst for talent more evident now than before?
Mr. Nally: The opportunities are so significant, coming from all different directions in all parts of the world that the demand for talent is at an all-time high. In today's global competitive workplace, you can't think just in the context of your own territory.
WSJ: What sort of policies will companies need to put in place?
Mr. Nally: The millennium generation is probably the most technological group of people ever joining the workforce. How they want to work, use social media and team within a company is very different than the prior generation. If your human policies aren't responsive to what they are looking for, they are going to go to a company that is. They want less-hierarchical structures, they want more flexibility, they want to work as hard but they want to define how they do their work. If you can't figure out a way to accommodate that kind of flexibility, you're not going to be able to retain that talent.
WSJ: What [is PwC] doing to attract and retain talent?
Mr. Nally:We have adapted both how we recruit and how we work with people once they join us to suit the millennial generation. For example, in the U.S. we have set up a LinkedIn application that allows students to track the career paths of existing graduate trainees already in the firm so a student can see how a career with PwC develops. In the U.K., we use a Facebook application to connect recruits together before they join so they can begin to build their own PwC community.
We also provide mentors for our people from day one both formally and informally and encourage people to actively use their mentors to build skills and experience. We understand that flexibility and the ability to gather useful experience are key, as a result we actively encourage our people to move both between different business areas and around the world to gain experience. We also provide career breaks, flexible working, cycles of experience outside PwC and we actively encourage volunteering.
---
Correction: Dennis Nally is the chairman of PricewaterhouseCoopers. In an earlier version of this article, the caption and headline incorrectly said Mr. Nally was the CEO.
Tuesday, July 12, 2011
Thursday, June 16, 2011
Richard Clarke's China's Cyberassault on America
China's Cyberassault on America. By RICHARD CLARKE
If we discovered Chinese explosives laid throughout our national electrical system, we'd consider it an act of war. China's digital bombs pose as grave a threat.
The Wall Street Journal, Wednesday, June 15, 2011
http://online.wsj.com/article/SB10001424052702304259304576373391101828876.html
In justifying U.S. involvement in Libya, the Obama administration cited the "responsibility to protect" citizens of other countries when their governments engage in widespread violence against them. But in the realm of cyberspace, the administration is ignoring its primary responsibility to protect its own citizens when they are targeted for harm by a foreign government.
Senior U.S. officials know well that the government of China is systematically attacking the computer networks of the U.S. government and American corporations. Beijing is successfully stealing research and development, software source code, manufacturing know-how and government plans. In a global competition among knowledge-based economies, Chinese cyberoperations are eroding America's advantage.
The Chinese government indignantly denies these charges, claiming that the attackers are nongovernmental Chinese hackers, or other governments pretending to be China, or that the attacks are fictions generated by anti-Chinese elements in the United States. Experts in the U.S. and allied governments find these denials hard to believe.
Three years ago, the head of the British Security Service wrote to hundreds of corporate chief executive officers in the U.K. to advise them that their companies had in all probability been hacked by the government of China. Neither the FBI nor the Department of Homeland Security has issued such a notice to U.S. executives, but most corporate leaders already know it.
Some, like Google, have the courage to admit that they have been the victims of Chinese hacking. We now know that the "Aurora" attack (so named by the U.S. government because the English word appears in the attack software) against Google in 2009 also hit dozens of other information technology companies—allegedly including Adobe, Juniper and Cisco—seeking their source code. Aurora wasn't an isolated event. This month Google renewed its charge against China, noting that the Gmail accounts of senior U.S. officials had been compromised from a server in China. The targeting of specific U.S. officials is not something that a mere hacker gang could do.
The Aurora attacks were followed by systematic penetrations of one industry after another. In the so-called Night Dragon series, attackers apparently in China went after major oil and gas companies, not only in the U.S. but throughout the world. The German government claims that the personal computer of Chancellor Angela Merkel was hacked by the Chinese government. Australia has also claimed that its prime minister was targeted by Chinese hackers.
Recently the computer-security company RSA (a division of EMC) was penetrated by an intrusion which appears to have stolen the secret sauce behind the company's SecureID. That system is widely used to protect critical computer networks. And this month, the largest U.S. defense contractor, Lockheed, was subject to cyberespionage, apparently by someone using the stolen RSA data. Cyber criminals don't hack defense contractors—they go after banks and credit cards. Despite Beijing's public denials, this attack and many others have all the hallmarks of Chinese government operations.
In 2009, this newspaper reported that the control systems for the U.S. electric power grid had been hacked and secret openings created so that the attacker could get back in with ease. Far from denying the story, President Obama publicly stated that "cyber intruders have probed our electrical grid."
There is no money to steal on the electrical grid, nor is there any intelligence value that would justify cyber espionage: The only point to penetrating the grid's controls is to counter American military superiority by threatening to damage the underpinning of the U.S. economy. Chinese military strategists have written about how in this way a nation like China could gain an equal footing with the militarily superior United States.
What would we do if we discovered that Chinese explosives had been laid throughout our national electrical system? The public would demand a government response. If, however, the explosive is a digital bomb that could do even more damage, our response is apparently muted—especially from our government.
Congress hasn't passed a single piece of significant cybersecurity legislation. When the Chinese deny senior U.S. officials' claims (made in private) that Beijing is stealing terabytes of data in the U.S., Congress should not leave the American people in doubt. It should demand answers to basic questions:
What does the administration know about the role of the Chinese government in cyberattacks on public and private computer networks in the United States?
If there is widespread Chinese hacking of sensitive U.S. networks and critical infrastructure, what has the administration said about it to the Chinese government? Specifically, did President Obama raise concerns about these attacks with Chinese President Hu Jintao at the White House this spring?
Since defensive measures such as antivirus software and firewalls appear unable to stop the Chinese penetrations, does the administration have any plan to address these cyberattacks?
In private, U.S. officials admit that the government has no strategy to stop the Chinese cyberassault. Rather than defending American companies, the Pentagon seems focused on "active defense," by which it means offense. That cyberoffense might be employed if China were ever to launch a massive cyberwar on the U.S. But in the daily guerrilla cyberwar with China, our government is engaged in defending only its own networks. It is failing in its responsibility to protect the rest of America from Chinese cyberattack.
Mr. Clarke was a national security official in the White House for three presidents. He is chairman of Good Harbor Consulting, a security risk management consultancy for governments and corporations.
If we discovered Chinese explosives laid throughout our national electrical system, we'd consider it an act of war. China's digital bombs pose as grave a threat.
The Wall Street Journal, Wednesday, June 15, 2011
http://online.wsj.com/article/SB10001424052702304259304576373391101828876.html
In justifying U.S. involvement in Libya, the Obama administration cited the "responsibility to protect" citizens of other countries when their governments engage in widespread violence against them. But in the realm of cyberspace, the administration is ignoring its primary responsibility to protect its own citizens when they are targeted for harm by a foreign government.
Senior U.S. officials know well that the government of China is systematically attacking the computer networks of the U.S. government and American corporations. Beijing is successfully stealing research and development, software source code, manufacturing know-how and government plans. In a global competition among knowledge-based economies, Chinese cyberoperations are eroding America's advantage.
The Chinese government indignantly denies these charges, claiming that the attackers are nongovernmental Chinese hackers, or other governments pretending to be China, or that the attacks are fictions generated by anti-Chinese elements in the United States. Experts in the U.S. and allied governments find these denials hard to believe.
Three years ago, the head of the British Security Service wrote to hundreds of corporate chief executive officers in the U.K. to advise them that their companies had in all probability been hacked by the government of China. Neither the FBI nor the Department of Homeland Security has issued such a notice to U.S. executives, but most corporate leaders already know it.
Some, like Google, have the courage to admit that they have been the victims of Chinese hacking. We now know that the "Aurora" attack (so named by the U.S. government because the English word appears in the attack software) against Google in 2009 also hit dozens of other information technology companies—allegedly including Adobe, Juniper and Cisco—seeking their source code. Aurora wasn't an isolated event. This month Google renewed its charge against China, noting that the Gmail accounts of senior U.S. officials had been compromised from a server in China. The targeting of specific U.S. officials is not something that a mere hacker gang could do.
The Aurora attacks were followed by systematic penetrations of one industry after another. In the so-called Night Dragon series, attackers apparently in China went after major oil and gas companies, not only in the U.S. but throughout the world. The German government claims that the personal computer of Chancellor Angela Merkel was hacked by the Chinese government. Australia has also claimed that its prime minister was targeted by Chinese hackers.
Recently the computer-security company RSA (a division of EMC) was penetrated by an intrusion which appears to have stolen the secret sauce behind the company's SecureID. That system is widely used to protect critical computer networks. And this month, the largest U.S. defense contractor, Lockheed, was subject to cyberespionage, apparently by someone using the stolen RSA data. Cyber criminals don't hack defense contractors—they go after banks and credit cards. Despite Beijing's public denials, this attack and many others have all the hallmarks of Chinese government operations.
In 2009, this newspaper reported that the control systems for the U.S. electric power grid had been hacked and secret openings created so that the attacker could get back in with ease. Far from denying the story, President Obama publicly stated that "cyber intruders have probed our electrical grid."
There is no money to steal on the electrical grid, nor is there any intelligence value that would justify cyber espionage: The only point to penetrating the grid's controls is to counter American military superiority by threatening to damage the underpinning of the U.S. economy. Chinese military strategists have written about how in this way a nation like China could gain an equal footing with the militarily superior United States.
What would we do if we discovered that Chinese explosives had been laid throughout our national electrical system? The public would demand a government response. If, however, the explosive is a digital bomb that could do even more damage, our response is apparently muted—especially from our government.
Congress hasn't passed a single piece of significant cybersecurity legislation. When the Chinese deny senior U.S. officials' claims (made in private) that Beijing is stealing terabytes of data in the U.S., Congress should not leave the American people in doubt. It should demand answers to basic questions:
What does the administration know about the role of the Chinese government in cyberattacks on public and private computer networks in the United States?
If there is widespread Chinese hacking of sensitive U.S. networks and critical infrastructure, what has the administration said about it to the Chinese government? Specifically, did President Obama raise concerns about these attacks with Chinese President Hu Jintao at the White House this spring?
Since defensive measures such as antivirus software and firewalls appear unable to stop the Chinese penetrations, does the administration have any plan to address these cyberattacks?
In private, U.S. officials admit that the government has no strategy to stop the Chinese cyberassault. Rather than defending American companies, the Pentagon seems focused on "active defense," by which it means offense. That cyberoffense might be employed if China were ever to launch a massive cyberwar on the U.S. But in the daily guerrilla cyberwar with China, our government is engaged in defending only its own networks. It is failing in its responsibility to protect the rest of America from Chinese cyberattack.
Mr. Clarke was a national security official in the White House for three presidents. He is chairman of Good Harbor Consulting, a security risk management consultancy for governments and corporations.
Subscribe to:
Posts (Atom)
Posts
