Will Houston has heard more than his share of jargon at work. “I came into the world of cybersecurity through the military, the place absolutely notorious for not using plain language,” says the CISO (chief information security officer) segment leader for management consulting and executive search firm Egon Zehnder.
These days, Houston sometimes gets an earful from corporate directors who are unhappy that they can’t decipher what their CISO is telling them. “The board members will understandably get frustrated if they get a brief particularly with somebody coming in and saying, ‘Hey, there are all these vulnerabilities; I need a lot of money,’” he says. “If that isn’t explained in real business terms, risk terms, clearly and how to effectively address them, they can get not just frustrated but alarmed.”
Organizations are now demanding that the CISOs they hire converse in plain language, Houston adds. “Four or five years ago, we were having clients come to us and say, ‘Hey, we need a CISO who can speak at the board level,’” clearly presenting a technical subject to a nontechnical audience, he says. “Over the last two years, I think every single search is led with that.”
Even for experienced CISOs, having to adapt is fairly new, Houston notes. “Thank goodness most of our clients don’t say, ‘We have to have a CISO who has done it,’ but rather they’ll say, ‘We want a CISO who can do it.’”
Although jargon persists in the corporate world, directors are taking steps to banish it from the boardroom and beyond. As part of that effort, board members must sharpen their own communication skills to engage with investors, who increasingly want to talk strategy with them. Raising their plain language game could also help directors as the U.S. government mulls legislation that would require better risk disclosure around cybersecurity and climate change.
Washington has already made clear public communication the law for federal agencies, under the Plain Writing Act of 2010. If the private sector lags government when it comes to mandating plain language, some boards could be paying the price. For example, less than half of respondents to a recent PwC survey of corporate directors said that they receive consistent and useful information about key cybersecurity risks.
Barbra Kingsley is chair of the Center for Plain Language, a nonprofit that advocates for plain language throughout North America. “I would love for every board out there to demand that the organizations communicate in plain language,” says Kingsley, who is also president of Kingsley-Kleimann Group, which helps organizations sharpen their internal and external communication. “Over the 25, 30 years that I’ve done this, I’ve seen how important plain language is in improving customers’ lives, but also improving the organization’s performance.”
How so? “When information is designed and written in plain language, it puts a better face to the organization,” Kingsley says. “It’s brandable; it helps customers respond more accurately; it reduces inefficiencies in the organization. So there’s really no downside to it.”
With a few exceptions, those who use jargon have no ill intent, Houston observes. “On the surface, it can look like an attempt to obfuscate and confuse, when it’s generally not that,” he says. “It’s people that are just trying to be efficient and speedy and take complex concepts or terms or whatever and use the jargon that is commonly known within some subset of the business community.”
In some ways, things are improving, Kingsley says. “Many organizations are trying more and more to design information with the customers in mind, and really thinking more about the customer experience or the user experience,” she explains. “Having said that, I think there’s still such a long way to go.”
Kingsley think it’s tough for board members because at some level, they come into an organization as an external user. “They need clear information about the organization, and about the marketplace in general, to be able to give solid, accurate advice,” she says.
“And when they’re getting really complex information, that makes their job incredibly difficult,” Kingsley adds. “So I think it is all about clarifying that information that lands on the board member’s desk so that they can really do their job more efficiently, more quickly, with better accuracy. And plain language helps with all of that.”
Increasingly, directors themselves need to communicate in plain language too. By design, boards have been opaque to the public, argues Maria Castañon Moats, leader of the Governance Insights Center at PwC. But as her firm’s 2022 Annual Corporate Directors Survey of some 700 board members shows, shareholder engagement with directors is at an all-time high. In the survey, 60% of respondents said that a member of their board other than the CEO met with shareholders during the year, up from 53% in 2021.
That trend will continue, Moats predicts. “Investors want to engage with directors, not just management, to better understand strategy and how it’s being executed, and maybe how different points within ESG are part of the strategy,” she says. “So if engagement is going up, how do you tell your story as to not only what you oversee but how you oversee it?”
In written documents—the proxy that a company publishes each year, as well as the governance information on its website.
Adding to the pressure on directors, last year the U.S. Securities and Exchange Commission proposed new rules to make public companies disclose information about climate-related risks and cybersecurity risk management. “That’s going to be a little nudge,” Moats says.
How involved should board members get in crafting written material? “I’m not saying they hold the pen to write everything in the proxy, but engage and be a part of the process with general counsel and the members of management to help tell their story to investors,” Moats suggests.
Chris Barbin admits that when it comes to slinging corporate jargon, his industry is in a class of its own. “I think tech is worse,” says the founder and CEO of Tercera, a Chicago-based private equity shop focused on IT services firms that belong to what it calls the third wave of the cloud. “Being part of the industry, I’m guilty too.”
But Barbin, who sits on six for-profit and nonprofit boards, is also doing his part to encourage plain language among directors and their organizations. “Often in the boardroom, there are too many buzzwords and too much posturing, positioning, angling, one-upmanship,” says the cofounder of Appirio, an early cloud consulting business he sold to Wipro in 2016 for $500 million.
“Sometimes there’s egos in those boardrooms, and there’s also a parallel fear, in many cases, of sounding dumb,” Barbin adds. “I think a lot of the reason there isn’t plain language is that sometimes, people don’t want to ask the dumb questions or the easy questions.”
Houston’s advice to board members being briefed by CISOs: “‘Look, just ask them to define it in the business risk terms that you use all the time.’ And they’ll be able to do it, and it helps the cybersecurity person as well,” he says.
For Houston, the good news is that the word is out. “CISOs know that they have to up their game and be ready to brief a technical topic to a nontechnical audience,” he says. “And vice versa: The board members are starting to learn that this is not something they can ignore. They need to get up to speed as much as they can and not be afraid to ask the questions.”
With written materials at board presentations, Barbin believes less is more. “I’ve been part of a lot of younger, smaller boards, if you will, where there is a tendency to just overwhelm with information,” he says, recalling slide decks hundreds of pages long. “I’d rather have a dozen slides to allow and encourage a real rich dialogue—to then drive some follow-ups—as opposed to being overwhelmed by content and analysis.”
Moats can relate. “We hear that, ‘We really wish that what we get in the pre-read is enough and not too much.’ Because sometimes, they can bury you in the pre-read. Do you need the novel, or do you need the executive summary?”
Organizations can train their writers and presenters to consider information from the audience’s perspective and tailor it to that group, Kingsley says. “Plain language is not about just using simple words,” she stresses. “It really starts with a very careful consideration of your audience and task—who’s reading this, and what do they need to do?—and then selecting details that support that audience and their task.”
Having a consistent format is key, Moats maintains. “I tell management, ‘If you can agree with the board on what are the key risks and how often you present and in what format, on whatever the risk is, then that goes a long way,” she says. “Then, once you get through the pre-read, when you get in the room, the directors can really ask great questions.”
One of the best presentations that Houston has seen was by a CISO who condensed everything the directors of a power company needed to know into a single PowerPoint slide.
“‘These are the bad actors that are trying to attack us; these are the means they’re using to do it; this is the vulnerability that they’re trying to exploit; this is what we’re doing to address that vulnerability; this is what it’ll cost us if we’re unsuccessful. And then this is what it’s going to cost for us to address it; this is how much we can reduce the risk—in a real clear visual layout,’” Houston recalls. “Two or three of the board members came up to him afterward and said, ‘This is the first time I’ve understood where we stand and what we’re doing.”
As they push for that kind of plain talk, directors have a powerful force on their side. Whether it’s from consumers or shareholders, businesses face more external pressure than governments to create better information, Kingsley says. “That’s where I see private organizations have more of an immediate incentive, because of that customer feedback loop.”
If investors want to engage more with boards, don’t leave that task to one designated director, Moats counsels. “Be ready to really be the person that can communicate clearly the strategy, why it’s changing, how we’re thinking about ESG, what matters,” she says. “As you think about directors of the future and boards of the future, that’s what you want.”