Category Archives: HR leadership

‘HR Lady’s’ Security Breach

177870130 -- credit card securityI’m imagining you, too, would stop your web browsing for one minute and read an article titled How we tricked your HR lady into giving us access to every customer’s credit card number. I obviously did.

The piece posted by network and security firm Netragard on its website lays out in pretty compelling detail all the steps the company went through to test one of its clients, unbeknownst to the client of course, for its level of vulnerability and/or security through a method it calls penetration testing. For the sake of the anonymity of the large retail corporation being tested, Netragard refers to it as Acme Corp.

What got my attention reading through the piece was just how clever and good hackers have to be, not to mention the companies offering their services to protect them from their covert ways.

Like many a hacker, no doubt, Netragard started out by identifying a job opportunity posted on LinkedIn, in this case for a senior security analyst. Here’s just a small portion of the company’s lengthy description of the ploy:

“Interestingly, the opportunity was not posted on Acme Corp.’s website. When Netragard reviewed the opportunity, it contained a link that redirected Netragard to a job-application portal that contained a resume-builder web form. This form was problematic because it worked against our intention to submit an infected resume to HR. We backtracked and began chatting on LinkedIn with the lady who posted the job opportunity. We told her that the form wasn’t loading for us but that we were interested in applying for the job. Then she asked us if we could email our resume to her directly, and of course we happily obliged.

“Our resume contained a strand of RADON 2.0. RADON is Netragard’s zeroday malware generator, designed specifically with customer well-being and integrity in mind. … Shortly after delivering our infected resume, RADON called home and had successfully infected the desktop belonging to the nice HR lady [who] we chatted with on LinkedIn. Our team covertly took control of her computer and began focusing on privilege escalation.

“RADON was running with the privileges of the HR employee that we infected. We quickly learned that those privileges were limited and would not allow our team to move laterally through the network. To elevate privileges, we impersonated the HR employee [who] we compromised and forwarded our infected resume to an IT security manager. The manager, trusting the source of the resume, opened the resume and was infected.

“In short time, RADON running on the IT security manager’s desktop called home. It was running with the privileges of the IT security manager who also happened to have domain administrative privileges.  Our team ran procdump on his desktop to dump the memory of the LSASS process. This is important because the LSASS process contains copies of credentials that can be extracted from a dump.  The procdump command is ‘safe’ because it is a Microsoft standard program and does not trigger security alerts. However, the process of extracting passwords from the dump often does trigger alerts. To avoid this, we transferred the dump to our test lab where we could safely run mimikatz to extract the credentials.

You with me still? The good folks at Netragard then used those credentials to access all three of Acme Corp.’s domains and extract their respective password databases. They then exfiltrated those databases back to their lab and successfully cracked 93 percent of all the current and historical passwords for all employees at Acme Corp.

The total elapsed time between initial point of entry and password database exfiltration was 28 minutes. Let me repeat that: 28 minutes. That’s less than half an hour. And at that point, the company had reached what it calls “an irrevocable foothold” in Acme Corp.’s network. “With that accomplished,” its post says, “it was time to go after our main target,” the cardholder-data environment.

And this, mind you, was a company whose principals had told Netragard that they were highly confident they could withstand any attempted security breach or inadvertent lapse, and that no vendor (or hacker to their knowledge) had ever breached their corporate domain let alone their CDE.

Thank goodness Netragard was simply trying to protect them by revealing their weakness — a “nice lady” sitting in the HR department. Perhaps, on reading this post, you might want to set up some special communications with all the nice folks in your HR organization (?)

As Netragard’s post implores:

” … the differences between compliance and security are vast. In the past decade we’ve seen countless businesses suffer damaging compromises at the hands of malicious hackers. These hackers get in because they test with more talent, more tenacity and more aggression than nearly all of the penetration-testing vendors operating today. For this reason, we can’t stress enough how important it is that businesses select the right vendor and test at realistic threat levels.”

And self-promoting though it may be, I couldn’t resist including its sign-off:

“It is impossible to build effective defenses without first understanding how a real threat will align with your unique risks. At Netragard, we protect you from people like us.”

Tweet This!

Getting Incivility Under Control

Does incivility take a toll on today’s workplace?

Well, if we’re to believe the findings of a recent study out of Michigan State University, the answer is yes—and maybe more than we’d like to think.

ThinkstockPhotos-579244800To capsulize, the researchers, who have published their work (titled Who Strikes Back? A Daily Investigation of When and Why Incivility Begets Incivility) in a recent issue of the Journal of Applied Psychology, found that experiencing rude behavior reduces employees’ self-control and leads them to act in a similar uncivil manner. (In doing their study, they asked 70 employees to fill out a survey relating to incivility and its effects three times a day for 10 consecutive workdays.)

Of course, this finding is not all that surprising. As human beings, we’re easily influenced by those around us. Right? Probably the more interesting finding is the unintentional nature of so-called “incivility spirals”—i.e., when acts of incivility lead to subsequent acts of incivility.

As Russell Johnson, an associate professor of management at Michigan State University and the study’s lead author, explains …

“When employees are mentally fatigued, it is more difficult for them to keep their negative impulses and emotions in check, which leads them to be condescending and rude to colleagues. This happens even for employees who desire to be agreeable and polite; they simply lack the energy to suppress curt and impatient responses.”

That’s certainly a troubling thought, especially if you work at an organization in which incivility is clearly visible at the highest levels.

The study also found that incivility spirals occurred in workplaces that were perceived as political (i.e., where co-workers “do what is best for them, not what is best for the organization”).

Because the “intentions and motives of others are less clear” at such organizations, the researchers report, employees have a harder time understanding why they were targeted and how best to respond.

You’ve got to think, I might add, that this inevitably would take a serious toll on employee effectiveness and productivity.

In response to what they found, the researchers emphasize the need for managers to provide employees with clearer feedback on “the types of behaviors that are desired,” both informally through day-to-day interactions and formally through the performance-management process.

Certainly great advice. But is it enough to prevent incivility from spiraling out of control?

Tweet This!

Leadership-Development Woes Continue

It seems there’s still a whole lot wrong with leadership development.

540869810 -- HR leaderThe latest survey on the subject — from Harvard Business Publishing Corporate Learning — finds only 7 percent of organizations believe their leadership-development programs are best-in-class.

And even among those best-in-class programs, the survey finds, 40 percent of respondents feel leadership development is only important — not fundamental — to business strategy. Those top programs also struggle mightily with both measurement and innovation, it says.

Worse still, the majority of business managers and L&D professionals aren’t seeing eye-to-eye on the impact or relevancy of their leadership-development programs. Seventy percent of L&D professionals expect leadership development to become a strategic priority in the next three years, compared to only 47 percent of business managers … with only 19 percent of the latter group strongly agreeing their programs have a high relevance to the business issues they face.

The survey and its report makes a loud clarion call for more companies to stand behind their leadership-development programs and take them more seriously. As Ray Carvey, executive vice president of corporate learning and international at HBP, says:

“Although these survey results do not completely surprise us, they do show that, when leadership-development programs are designed and developed as a strategic priority, aligned to both goals and key challenges, businesses have a better chance at growth.”

Leaders and leadership-development programs behaving badly is no new tune in this profession. This post from earlier this year lays out the problem as one of corporate sponsorship. Or the lack thereof.

This study back in 2013 by Development Dimensions International finds most leaders worldwide still lack the fundamental skills to lead and still don’t know how to have important yet basic leadership conversations with their ranks and teams. So leadership-development failure? I think so.

This piece on HREOnline.com cites, as the majority of programs’ foibles, the failure to link leadership development to strategic objectives.

Which echoes nicely with what Carvey thinks. In his final parting shot of hopefulness, he says:

“While it’s easy to read this report as L&D teams are consistently being overlooked, or not doing a great job interpreting and responding to the needs of the business, there is a big silver lining here: Leadership development programs, when they work, absolutely have an impact on business success.

“L&D teams must embrace new ways of aligning with the business, demonstrating relevance and proving impact, not only to change the perception of leadership development in their organizations but also to better prepare their businesses for future growth.”

How you go about assessing that alignment, and adopting strategies to ensure your business and leadership-development initiatives are better connected, is entirely up to you, of course. Just don’t assume it’s “all good.”

Tweet This!

Mercer’s Take on ‘Why HR Needs to Change’

There weren’t any huge surprises in Mercer’s recently released HR Transformation report, “Why HR Needs to Change,” but it certainly underscores the continuing clarion call for HR to better develop its 450744473 -- women business leaderown and prepare for significant changes to the profession.

The report cites Mercer’s recent Global Talent Trends Study, which finds that, while only 5 percent of employers polled say HR is seen as a strategic partner in their organization and more than 80 percent say their talent processes need an overhaul, a measly 13 percent say they have a systematic curriculum for developing HR professionals.

Granted, the pressures on HR to change that are cited in this latest report are all pressures we’ve reported on: the growing digital workforce, businesses’ needs to become more global yet remain local, the rising tide of data analytics, flexible workplace designs and the evolving role of the manager, to name the first five.

Also well-documented already are the challenges in executing a viable HR business-partner model — “originally designed to add business acumen and consultative skills in HR [but too often implemented in organizations] with little more than a title change and without discussing how generalists can acquire the skills needed to take on new responsibilities and [remove] existing administrative tasks from their job[s],” as the report states.

But HR experts I reached out to about it do agree the message — call it a warning, if you will, that HR better change or cease to exist — is a good and necessary one, a warning HR practitioners and leaders need to be paying attention to.

John Boudreau, professor at the University of Southern California’s Marshall School of Business, and a handful of like-minded HR leaders including Eva Sage-Gavin and Kaye Foster-Cheek, recognized this problem years ago and established the CHREATE initiative in 2013 to — in the words of its online description — “map how HR must evolve to meet the future challenges in 10 years, to identify pivotal initiatives to accelerate that evolution, and to design the actions needed to make the future a reality.” I especially like this description of its mission, posted by CHREATE:

“Through the power of open-source collaboration, participant diversity, volunteerism and a unique combination of in-kind and financial resources, we aim to continue and extend the community of senior HR leaders who will reimagine a profession equipped to address the challenges of the future.”

Boudreau pointed me to this piece he posted on the Visier site back in April, in which he describes the “evolving work ecosystem [as one that] requires ‘retooling’ HR issues using the best thinking from disciplines such as engineering, finance, neuroscience, marketing, operations and supply chain.”

He lays out in that piece the future roles required to meet the challenges of this new ecosystem, and I must admit I noticed none of these roles contain the letters “HR”:

“The Organizational Engineer is an expert in facilitating virtual teams, developing leadership wherever it exists, and talent transitions.  She is an expert at talent and task optimization.  She is the knowledge resource on principles such as agility, networks, power and trust.

The Virtual Culture Architect is a culture expert, advocate and brand builder.  He connects current and potential workers’ purpose to the organization’s mission and goals.  He is adept at principles of values, norms, and beliefs, articulated virtually and personally.

The Global Talent Scout, Convener, and Coach masters new talent platforms and optimizes the relationships between workers, work and the organization, using whatever platform is best (e.g., free agent, contractor, regular employee, etc.).  She is a talent-contract manager, talent-platform manager and career/life coach.

The Data, Talent & Technology Integrator is an expert at finding meaning in big data and algorithms, and how to design work that optimally combines technology, automation and humans.

The Social Policy & Community Activist creates optimal synergy between goals that include economic returns, social purpose, ethics, sustainability and worker well-being.  She influences beyond the organization, shaping policies, regulations and laws that support the new world of work, through community engagement.”

Indeed, if organizations will be needing their HR professionals to transform themselves to this degree, a great, great deal of in-house HR development will be needed across the business community and profession. Far more than a 13-percent commitment.

Boudreau, Sage-Gavin (former chief human resource officer for The Gap Inc.) and Foster-Cheek (former CHRO for Johnson & Johnson) wrote about their group’s mission and vision for the future of HR in a recent issue of People + Strategy.  I like what Mark Sokol, executive editor, says about his contributors and the profession they know so well in his introduction to the pieces (pages 8 through 10):

“Perhaps you know the William Gibson saying, ‘The future is already here; it’s just not very evenly distributed.’ Some people really do get to the future sooner than others, and we would be wise to learn from them. … [Sage-Gavin and Foster-Cheek] describe the future of work and human resources — a future that has arrived for some of us and, in time, will involve all of us. This is not just their opinion, but reflects a consensus of experts across our profession.

” …  Boudreau reminds us that [the two former CHROs aren’t just writing about] forecasting trends; [they’re writing about] changing how we see and define the world of work — and that can fundamentally change everything we do in human resources.”

Mind you, CHREATE — which stands for a Global Consortium to Reimagine HR, Employment Alternatives, Talent, and the Enterprise — does a very different kind of dive into how HR must change, but no doubt the researchers at Mercer would agree the time for such fundamental change has come.

Tweet This!

5 New Upcoming Roles for HR

I just came across this interesting piece on Forbes site in which contributor/digital nomad Kavi Guppta shares what he thinks will be the five most interesting new roles HR will play in the coming years.

While some of the titles, (manager of employee engagement, director of learning and diversity officer) seem pretty safe, the last two titles are worth a deeper look here:

Mindset coach:

An overworked workforce is an unhappy workforce. Wellness programs or policies inside companies are a powerful resource to keep employees happy, healthy, and focused. A Mindset Coach will institute important programs that ensure individuals create good habits in their day-to-day work experience. These good habits go beyond the realm of regular exercise and healthy eating.

A proper wellness program will include work-life balance processes, stress management and therapy programs, and facilitating an open dialogue around mental health and illness to remove much of the stigma that plagues the conversation and ailments. Again, the Mindset Coach will work closely with an Employee Engagement Manager and devise interactive ways to encourage participation and openness across the workforce. He or she will also collaborate with the Director of Learning on educational programs.

Talent & repertoire manager:

Sports franchises and the entertainment industry have long benefitted from internal scouts with an eye for great people. Companies should enjoy the same. The corporate world is full of recruitment firms that can pass along talented individuals, but who is looking out for the organization from the inside?

While talent recruitment may fall on a hiring manager or executive, a fully dedicated Talent & Repertoire Manager can be the eyes and ears on the ground for specific industries. He or she will have great relationships with top recruitment firms, and should also be known for having a good relationship with incubators, ecosystems or industry communities. He or she will also be responsible for navigating transformative trends in the talent marketplace–salary expectations, hot skillsets, and prospect track records–that will be crucial to the competitive offers an organization may submit to potential prospects.

According to Guppta, companies that utilize a specialized approach to HR will remove much of the “nanny-like” perception the department has famously faced inside organizations:

HR will no longer be known as the stuffy and stiff department that keeps everyone in line. Instead, it’ll be a vehicle for progress that will facilitate positive corporate culture transformation where employees and leadership have a stake in that change.

While there’s no guarantee these five job titles will prove to be the difference between success and failure in the future, it is nice to look ahead at the novel ways HR might bring more value to an organization.

 

Tweet This!

Battle Over Certifications Rages On

As might be expected, the Society for Human Resource Management made sure its HR-certification effort, announced roughly two years ago, received a healthy dose of air time this week at its SHRM 2016 conference in Washington.

ThinkstockPhotos-522859146At a press briefing on the opening day of the event, for example, Alexander Alonso, senior vice president for knowledge development and head of examination development and operations for SHRM’s professional certifications, reported that the society’s CP and SCP certifications are being well-adopted across key industries.

“Key metrics,” he said, “now include the 92,000 SHRM certificates that exist today [as well as] tremendous growth in the [number of] SHRM exam applications from spring 2015 all the way through to spring 2016, with roughly 9,800 people sitting for the exam in this window.” (Some of these figures were previously reported in a story we posted in April.)

In addition, he said that roughly 84,000 took part in the pathway certifications in 2015. (The pathway enables HR generalists who already have certain HR certifications to obtain SHRM’s certification by completing a brief online tutorial focusing on HR competencies.)

Alonso also reported that about 5,000 HR job postings per month refer to SHRM’s CP or SCP certifications and said that SHRM will be piloting a Spanish-language version of the exam in the winter.

What impact these numbers will have on the HR Certification Institute and its Professional in Human Resources and Senior Professional in Human Resources certifications isn’t entirely clear, but one thing is certain: HRCI isn’t sitting still.

In addition to holding a 40th Anniversary Celebration at Smithsonian American Art Museum (between hors-d’oeuvres and cocktails, participants were able to stroll the gallery and take in some great works of art), HRCI announced that, beginning on Nov. 1, it would offer year-round testing—essentially throwing testing windows “out the window” (HRCI’s words, not mine). Prior to this change, exams were available to practitioners twice a year.

As HRCI Chief Marketing Officer Kerry Morgan explained, HRCI is putting HR on the short list of professions that make certification exams available to their practitioners whenever they are ready and wherever it’s most convenient.

(SHRM currently has testing windows in the spring and winter.)

HRCI CEO Amy Schabacker Dufrane noted that HRCI partner organizations were especially excited about the move because it allows them to support the process year-round.

Asked about the impact of SHRM’s entrance in the field, Dufrane admitted that exam applications were down. But she pointed out that, during the group’s 40-year history, it wasn’t unusual for these numbers to decline during periods of low unemployment (currently at 4.7 percent), being that people may be less motivated to invest in their careers when the job market is more stable.

What’s more, she said, the number of recertifications was very encouraging, climbing from percentages in the mid-80s to around 91 percent.

Of course, as we’ve noted in the past, time will tell as to how this battle over HR certifications plays out. But for now, anyway, HRCI, as moves like this suggest, seems intent on keeping SHRM at bay and remaining a major force in the HR-certification world.

Tweet This!

A Three-Prong Approach for Transforming HR

If there ever was any doubt that HR is now at a pivotal moment in its evolution, Ryan Estis tried his best to put them to rest in his Monday Master Session titled “Rethinking HR: The Future of Work” at SHRM 2016.

Changes Ahead

Changes Ahead

Estis, chief experience officer for Ryan Estis & Associates in Minneapolis and a regular presenter at SHRM, told a packed room of attendees that the HR profession is at an important “inflexion point.” As the world of work continues to change, he said, HR professionals are going to need to transform the way they go about performing their jobs.

Specifically, Estis served up three key principles HR practitioners need to keep top of mind.

No. 1: The profession needs to undergo continuous reinvention. “It’s our opportunity to play offense and be a disruptor,” he said. To successfully contribute to their organizations, he explained, HR leaders have to step out of their comfort zone and try new approaches.

“I personally try to force myself to stay in my learning lane,” he said, noting that every day he asks himself if “I’ve done something today that made me uncomfortable?” and whether or not “I’m making progress and improving?”

People resist change because they’re afraid to fail, he said, adding that “the antidote for curing that problem is to take action,” he said.

Estis specifically cited Adobe’s decision a few years back to eliminate its performance-appraisal system as an excellent example of how HR was able step out of its comfort zone to fix a process that everyone agreed was broken. “Leaders hated it and employees hated it,” he said. “So they got rid of it and replaced it with what they call Check-ins, where employees have conversations with their managers.”

(Estis referred attendees to HRE’s July 2013 cover story titled “Rethinking the Review,” featuring Adobe Senior Vice President of People Resources Donna Morris on the cover.)

No. 2: HR needs to deliver from a position of influence. “You have to inspire other people to champion initiatives,” he said. “You can’t do it alone.”

The best leaders are the best listeners, he added.

Estis told those in the audience they need to be able to have the courage to attack old ways of doing things and be willing to challenge leadership.

Further, he said, HR must develop a digital mind-set if it expects to be relevant.

No. 3: Be a culture champion and a catalyst of change, he said. Employers with breakthroughs have great cultures, he said, referencing Mayo Clinic (another client of his) as an example of an organization that has built a culture that has resulted in a highly engaged and loyal workforce.

At the Mayo Clinic, he explained, every employee, even those who don’t have jobs in which they interact directly with patients, embrace the organization’s core value of “putting the needs of the patient first.”

In employee focus groups, he said, each and every employee who took part fully understood the role they play in actualizing that value.

Tweet This!

Effective Leaders Know their Leadership Stories

“What’s your leadership story?”

PeopleThat was the question posed to a roomful of attendees at the Society for Human Resource Management’s annual conference in Washington Monday. Speaking was Timothy J. Tobin, vice president of human resources for Marriott International, with headquarters in Washington as well.

And he had a host of things to think about that few probably had, based on the murmurs during and after his session, “Five Steps to Effectively Communicate Your leadership Story.”

Like what it really means to know your message and have a solid leadership point of view. And what it means to know yourself as a leader, why you are one and where you want to make a difference and have an impact. Equally important is understanding your core values and your personal mission.

“What contribution do you want to make? What do you want to accomplish? For whom?” he asked the crowd. “As Aristotle taught us many years ago, ‘knowing yourself is the beginning of all wisdom.’ ”

But even more crucial for those leading others in business, said Tobin, is to maximize those “moments of truth” with other leaders in order to better understand specific pieces of the business and interact with those who can actually help you — all the while, carrying yourself with credibility and consistency.

“Who you know,” Tobin said, “can be as powerful as what you know. But the most powerful of all is who knows you and what they would say on your behalf. Who are those people who can act as credibility substitutes and speak up for you when you’re not there? You gotta find these people.”

And how do you find, support and sustain such a network? By engaging others in the organization at every opportunity and in every decision that needs to be made.

“The four most important words in leadership,” said Tobin, are ‘What do you think?’ ”

Two more seemed to be equally important as session takeaways: perceptions matter.

“You are only as good of a leader as people around you believe,” he told his listeners. “Communicate your story. Make it epic. And when it comes to telling it, remember, you all have a voice.”

Tweet This!

Mulally, Rowe Herald Hard Work, HR at SHRM

Alan Mulally, left, and Mike Rowe share the stage in SHRM’s open ing keynote. Photo by Chris Williams/SHRM

In an unlikely coupling of two friends — one described by his co-star as a kind of Howdy Doody “Boy Scout” and the other a well-recognized master of grunge, grit and grime — Alan Mulally and Mike Rowe kicked off this year’s Society for Human Resource Management’s annual conference heralding the importance of hard work and HR leadership.

In their joint opening keynote Sunday at the Walter E. Washington Convention Center in the nation’s capital, Mulally, former president and CEO of Ford Motor Co., and Rowe, host of Dirty Jobs on the Discovery Channel, shared their stories, and their messages about HR’s new stature in the business world, with a healthy dose of fun.

“Here’s what I think,” Mulally told a roomful of thousands of conference-goers. “I think human resource professionals rock!” His comment got raucous applause.

Sharing his keys to success, though — putting his people first; including everyone in all communications; and making sure everyone knows the company’s vision, performance goals and the status of every plan, to name just a few — he came back to the importance of HR.

“HR is the leader of many, many resources, and you’re making all of that happen,” he said.

Even in the country’s tough, post-9/11 years, Ford’s decision not to take federal bailout money was a transparent, collective one. “Watching our suppliers falling into bankruptcy,” he said, “knowing what was happening could bankrupt the nation, we made our decision [together] to do the right thing.”

And even then, he added, HR drove the communication, alignment and buy-in.

Rowe — who said he had worked for Mulally at Ford and then met him years later after becoming a voice behind many Ford commercials and later a television star — injected some hilarity into the “duet” by recalling how Dirty Jobs came to be.

As he told it, his concept came to him after reviewing tapes of himself trying to interview a sanitation official in the sewers of San Francisco, with many disgusting mishaps of every imaginable disgusting variety.

“I realized I was laughing; something very compelling was happening,” said Rowe. “But what was even more compelling than [the scatological Laurel and Hardy routine, for lack of a better description] was the knowledge and the real work” his interviewee was describing throughout it all. It seems the real work involved replacing bricks and understanding every nuance about why that had to be done.

“I let my guest be the expert he is … to connect [with viewers] the real miracle of how things really work and how jobs really get done,” he said, adding a lament that “we’re not valuing work enough, understanding how work gets done.”

But HR, he suggested, can take  the lead in understanding and facilitating this communication in an organization, about how things work there and what work needs to happen.

“Somewhere in your company is [this type of sewer specialist],” he said. “He’s probably little-known, but he needs to be heard.”

Mulally echoed the importance of facilitating the communication of work and what needs to be done as the only way an entire organization — in his case, Ford — can come together and “face reality.”

Added to his list of imperatives for successfully climbing out of the kind of “economic and financial reality we were facing in our toughest years,” he said, [were] respecting, listening to, helping and appreciating each other [and] building emotional resistance to trust the process.”

Lastly and most importantly, said Mulally, “is [to] have fun; enjoy the journey and each other” through everything you weather and accomplish.

Tweet This!

Harnessing the Power of Vulnerability

Many HR leaders — along with leaders of every stripe — tend to view vulnerability as a weakness, and strive to “engineer it out” of their organizations. This is a mistake, according to author, consultant and University of Houston research professor Brené Brown, who delivered a keynote address at the Indeed Interactive conference in Austin, Tex. today on “Vulnerability and Workplace Transformation.”

Far from being a weakness, vulnerability can be a source of strength, power and innovation if people understand how to use it properly, said Brown, who’s spent the past 13 years of her career studying vulnerability, shame, courage and worthiness. Leaders who have an honest understanding of their own vulnerability, and who are comfortable displaying it during critical moments, are better equipped to lead and inspire other employees, she said.

Brown, whose TED Talk on The Power of Vulnerability in 2010 became the fifth most-viewed TED Talk ever, cited her own experience in the wake of the talk’s popularity as instructive. Although it garnered more than 25 million views, the video also attracted some nasty comments from online viewers denigrating Brown’s appearance.  The anonymous comments included suggestions that Brown get Botox injections for her wrinkles and “If I looked like that, I’d feel vulnerable, too.”

Feeling traumatized, Brown compensated by “binge-watching Downton Abbey and eating lots of peanut butter.” But while watching the iconic British drama, she researched who was U.S. president at the time, and came across a speech excerpt by Teddy Roosevelt that inspired her:

It is not the critic who counts; not the man who points out how the strong man stumbles, or where the doer of deeds could have done them better. The credit belongs to the man who is actually in the arena, whose face is marred by dust and sweat and blood; who strives valiantly;  …  who at the best knows in the end the triumph of high achievement, and who at the worst, if he fails, at least fails while daring greatly, so that his place shall never be with those cold and timid souls who neither know victory nor defeat. 

Roosevelt’s words not only helped Brown put the comments in perspective, but inspired the title of her 2012 book, Daring Greatly: How the Courage to Be Vulnerable Transforms the Way We Live, Love, Parent and Lead.

“If you’re not in the arena, being brave and getting your ass kicked, then I have no interest in your feedback,” she said. “The world is filled with cheap seats, with people who hide behind anonymous comments and never get in the arena.”

Feeling vulnerable often leads people to try and compensate in ways that aren’t always helpful and, in some cases, damaging. She cited a brief disagreement with her husband that could’ve turned ugly had she not applied her own lessons in being aware of and mastering one’s vulnerability.

“Emotions drive our responses to tough things,” said Brown. “We tell ourselves stories about things that are happening and we get a reward from our brain that makes us feel better, even if the story isn’t accurate.”

However, vulnerability is not only the source of shame, fear and anxiety but also of love, belonging and joy, she said. It’s also the source of courage, empathy, trust, innovation, creativity, accountability and adoptability.

“If you foster a culture in your organization that doesn’t allow for vulnerability, then do not expect people to take risks and innovate,” said Brown. “If you don’t understand vulnerability, you cannot manage and lead people.”

Of course, leaders can’t display vulnerability in every situation, she said, citing the CEO of a start-up who told her he’d decided to share his vulnerability by going public with his feelings of being in over his head and having no idea what he was doing. “People who invested money in your company obviously aren’t going to want to hear that,” said Brown. “But if people sense that you’ll reach out for help when you need it, rather than not saying anything and continuing to plug along, that’s OK.”

The ability to be honest about what you don’t know or are uncertain of is a strength, not a weakness, said Brown.

“To be alive is to be vulnerable,” she said. “To be a leader is to be vulnerable every moment of every day.”

Tweet This!