Eight skills for effective leadership

Bad leaders have a huge impact on businesses. According to James K Harter,  Gallup’s chief scientist for workplace management, at least 50% of people have quit because of a bad manager; while 75% of the reasons for costly voluntary turnover come down to things that managers can influence.

Fortunately, leadership capabilities can be trained and improved. Managers can ensure that they have the basic set of skills necessary for leading a group of people towards a common goal.

Here are eight skills for starters:

  1. Effective leaders know their team
    One of the things that separates an average leader from a great one is caring      about their people. The more you take care of your team, the more motivated they’ll be to take care of your products, customers and ultimately help your company achieve its mission. Take time to learn more about who your team members are, how they like to work and what their interests and talents are.
  2. Innovate and commit to a vision
    The Harvard Business Review interviewed 33 leaders in the top 99th percentile for innovation (as measured by their peers, employees and bosses) and found that innovative leaders all display excellent strategic vision. They can picture and articulate what they want to achieve, why it’s important, and how they’re going to do it.
  3. Lead by example
    While some leaders adopt the “do as I say, not as I do” philosophy, the most effective leaders lead by example, with integrity and high energy, following the same working patterns, advice and ethics that they expect from their team.
  4. Are direct
    As a leader you must work towards implementing a culture that allows people to speak their mind freely and share their thoughts without fear. By telling people what you think of their work honestly, they both feel recognised and know how to improve.
  5. Effective leaders listen to their team
    It’s important to realise that your team aren’t the only ones to benefit from honest feedback:      you can too. Seeing things from your own perspective may not be enough to really see things as they are. Talking to other people (friends, leaders, employees) broadens your horizons and gives you the necessary perspective to explore areas that need improvement.
  6. Give credit where credit is due
    Workplaces where leadership is lacking have toxic cultures that do not foster trust or collaboration. In a 2019 study by BambooHR, 57% of employees said that a boss taking credit for other people’s work is unacceptable. Give credit where it’s due.
  7. Serve as a mentor
    We all know from our own personal experiences with great parents, teachers, coaches and mentors that great leaders care about improving the lives of those around them. As a leader, you are a mentor to your teammates. And, just like good parenting, good mentoring requires building people up, not breaking them down out of frustration.
  8. Are digitally aware
    It’s not possible to be an innovative leader in the 21st century unless you’re also digitally savvy. A study by DDI found that digital-ready leaders (those with the skills and capability to operate effectively in a digital environment) are more likely to feel that they are “definitely engaged” at work; and twice as many digital-ready leaders feel a sense of accountability for effectively leading their people. In addition, companies that have the most digitally capable leaders financially outperform the average by 50%.

Ultimately, there is no one-size-fits-all solution to leadership; different styles suit different people. You therefore need to find the style that suits your innate personality and strengths. With today’s business leaders required to operate in an increasingly complex global environment, the 100% online Leadership and Management MScs from the University of York are designed to build your practical knowledge while developing your theoretical understanding of the business landscape.

Covering three key business disciplines, innovation, finance, and international business, they      can help you develop the distinct skills required for effective leadership across a huge range of industries, functions and roles. You will also benefit from the ethical, socially responsible and international themes that underpin all programme content.

The 100% online curriculum is designed to enable you to study at your own pace, alongside your existing career. There are six start dates per year, flexible payment options and postgraduate government loans to cover the full programme cost, for those that are eligible.

Find out more and begin your application.

Proactive or reactive: which type of leader are you?

What enables a person to be an effective leader? Leadership has different facets and being able to identify your own leadership style as either proactive or reactive and having the ability to switch between the two can make a huge difference to your success. So, what are the different styles and which do you most identify with?

A reactive leader can handle pressure that comes their way in real time

Reactive leaders take responsibility and solve problems on their own. They also often possess ‘firefighting’ skills; the ability to think quickly, creatively and yet logically when faced with an emerging situation to prevent problems. Firefighting can be an extremely useful skill, but doesn’t lend itself to long term planning or analysis to prevent the problem from arising in the future. Rather than being prepared for future challenges, reactive leaders may miss out on opportunities because they have not anticipated change. A reactive leader and workforce is exactly what companies need to ensure that the business can survive short-term unexpected issues.

Proactive leadership styles are focused on the future

Being a proactive leader requires a different mindset and skills, figuring out what needs to be done and how to achieve it without knowing exactly what the future holds. In a business context this means building a sound knowledge of your market and competitors and learning how to anticipate change, not just waiting for it to happen.

There are many advantages to adopting a proactive leadership approach. These include more accurate and effective strategies and projections, ensuring the business is relevant to customers, improved cost and resource efficiency, aligning daily decisions with long-term objectives, and getting ahead of the competition. The downside of a proactive approach is that focusing on the future can mean you are not fully focused on the task at hand, which could have serious consequences, particularly during difficult times.

Which type of leader is best for business?

In their recent study of one million global leaders, Anderson and Adams found that most struggle to deal with the complex challenges they face. This makes development – both self-development and developing other leaders and future leaders at scale – a business imperative. In their research, they identified 18 key creative competencies which highly correlated to measures of leadership effectiveness and business performance, falling into five categories:

  1. Achieving – the ability to plan and get results
  2. Systems awareness – the capability to think systemically and design organisational systems for higher performance
  3. Authenticity – the willingness to act with integrity, speaking the truth even when it is risky
  4. Self-awareness – recognising your own strengths and weaknesses and taking ownership of your decisions
  5. Relating – the capability to build teams, collaborate with, and develop people

Reactive leaders can be considered successful in many respects, Anderson and Adams believe that the focus tends to be on ‘quick wins’; large achievements in the shortest possible time that doesn’t allow them to concentrate on other parts of their role that would give greater long term success, such as strategizing or forecast analysis.

A strong leader needs to balance reactive and proactive skillsets to be able to act in the short term, and plan for the future.

If you want to enhance your leadership style and futureproof your skill set, the 100% online Management and Leadership Masters programmes from the University of York provide the fundamental concepts, theories and practical applications of innovation, finance, and international business – vital for professional adaptability and employability across industries, functions and roles.

With all course content available online you can access it and study at any time, in any place. Six start dates throughout the year mean you can tailor the course to your own timescales. There’s also the option to pay as you learn, and you may even be entitled to a UK government-backed postgraduate loan, covering the costs of the course.

Find out more and begin your application.

Why finance must embrace the fourth industrial revolution

An explosion of new technologies such as automation, robotics, big data, machine learning, augmented and virtual reality and personalisation is changing the way businesses operate – so much so that some commentators are heralding a fourth industrial revolution. Sectors such as healthcare, retail and agriculture are storing and analysing data, to gain insights and implement better practices. It seems, however, that technology in finance has been entirely focussed on hardware and efficiency, without offering much in the way of benefits to its customers.

In fact, technology could be the very thing creating a barrier to accessible, user-friendly finance. The Financial Times estimates that 70% of stock trading is automated – JP Morgan states that less than 10% of stock decisions are taken by individuals – meaning that much of the financial world is entrusted to obscure algorithms that are incomprehensible to most financial services users, resulting in lower levels of engagement from users. This is echoed in research from Scottish Friendly, which has revealed that 53% of Brits are suffering from a chronic case of ‘investophobia’. The fact is, while technology should be making finance far more accessible, it remains a foreign industry for most people.

Lagging behind

While estate agents and travel agents once worried that their industry would shrink if the public had more access to data and information, the opposite happened. The internet’s easy access to data enabled users to make smarter decisions, and both industries expanded. Travel sites such as Kayak, Expedia and booking.com let users see all their options at once, increasing a feeling of empowerment. In the same way, the housing market benefited from sites like findaproperty.com. In contrast, financial advisors still hold the keys to many seemingly simple procedures; for example, it is still not easy for users to compare the risk, returns and fees associated with an investment.

Increased accessibility for consumers

However, things do seem to be changing. New research forecasts that by 2021, nearly 3 billion users will access retail banking services via smartphones, tablets, PCs and smartwatches. Banks will need to focus on providing a more frictionless digital experience, especially if they are to remain market leaders. Of course, it’s not just banks we’re talking about; Uber can link to your credit card so you don’t have to exchange cash with your driver; and insurance companies can use black box telematics to bill you according to your personal driving performance. The expectation and demand for accessible tools for managing money will inevitably lead to similar innovations in finance.

Why does it matter?

Creating easier access to financial tools and markets could be one of the greatest catalysts for strong, global economic growth. More importantly, technology could also lead to transparency. As the financial world becomes more opaque and complex, technology and understandable data could bridge the gap into simpler language and allows people to understand and therefore engage and become more involved.

If you want to know more about the changing financial environment and how you can build  a career within it, the online MSc Finance, Leadership and Management from the University of York can help. It provides training in financing longer-term corporate projects by developing a holistic view of the opportunities and risks present in financial markets. In addition to providing the fundamental tools and theories of finance, it places theories in the wider contexts of economics, management and organisational behaviour, and will help you develop a critical approach to problem-solving, effective communication skills, and insight into your own professional development; all vital skills for effective leadership in finance.

With the course 100% online, you can study at any time, in any place, and with six start dates throughout the year, you can start your course when it best suits you. There’s also the option to pay as you learn, and you may even be entitled to a UK government-backed postgraduate loan, covering the full cost of the course.

Find out more and begin your application.

Five steps to conducting a cyber investigation

With our lives increasingly dependent on computer networks and the internet – both potential targets of terrorist and criminal attacks – cyber security is one of society’s greatest challenges. Now, more than ever, IT professionals are tasked with determining specific cyber security needs and effectively allocating resources to address threats.

It is vital that, in any organisation, when a security incident occurs, there is a clear process that is understood and followed by those investigating and resolving the issues that it creates. There are many proposed methodologies for digital forensics, but generally they can all be condensed into the same logical steps:

What happened?

When a security alert is raised, the first thing that needs to be addressed is gathering the most essential of information:

  • What the alert was
  • When it was discovered
  • If it is still ongoing
  • What systems were affected or what impact has been seen
  • What other knock on effects it may have


Speaking to the team – or collecting the data logs from the reporting of the affected sector – gives you much of this information. Gathering the data is vital to understand the scale of the problem before taking any action.

Plan your next steps – and follow procedure

Information gathering is vital, as once you start attempting to fix the problem, you physically change the data and the network environment. If the scale of the issue isn’t fully understood, then an insufficient fix can actually mask the security breach without eradicating the problem. Also prioritise your efforts, saving the most stable sections until last and working on at risk or volatile areas first. Procedures should exist to follow legal guidelines, such as gathering and preserving evidence for possible prosecutions.


Digital evidence is no different than physical evidence – once touched it can be permanently changed, or potentially leave somebody else’s ‘fingerprint’ on it. This is where documenting, dating and signing off every step is required, if only for auditing purposes. Keeping master files intact and only carry out work on copies to make sure there’s always a single reference point.

Use your data

Networked computers, particularly those across state or national borders often have different time stamps. By working logically, in time and to the actual timeline of events, you can see how things unfolded, what was affected and when, and then hypothesise and test theories. Evidence also relies on things like file names and metadata, so these are important to preserve and record.

Document your findings

The final report should be robust and all the data and conclusions water-tight, but also understandable by non-technical staff or those without IT backgrounds. These reports could also need to be reviewed and used by criminal or legal investigators, meaning that supporting appendices could be very helpful. This kind of forensic evidence and the report should meet court requirements and provide valuable evidence to the business and those affected.

In the UK, the number of digital technology jobs has grown at twice the rate of other roles. The University of York’s MSc Computer Science with Cyber Security online Masters programme is designed for working professionals and graduates who want to launch their career in this in-demand and lucrative field but may not currently have a computer science background. Graduates of this programme go on to a range of positions in software and web development, IT systems, support and programming.

Focusing on network and operating system security, risk analysis and secure software development, it will grow your expertise through specialist modules and projects, and develop your core computer science skills. The 100% online programme allows you to study around work and home commitments, at different times and locations, and has six start dates a year. There is a pay-per-module option available, and you may be eligible for a government backed postgraduate loan which covers the course cost.

Find out more and begin your application.

Encryption and its role in data security

Businesses have always relied on data but as we gather more and more information, it’s created a situation where the security of the data is just as important as the info itself.  Recent changes to UK and EU law have meant that data security is at the front of many people’s minds, particularly for confidential or sensitive data that some businesses need. The financial penalties for non-compliance also mean companies are no longer rejecting data encryption options based on cost, but are assessing them for the risk they help mitigate.

Encryption is simply the process of taking readable information using an encryption key to alter it into what appears to be gibberish. The encryption key both encodes at the sender’s machine and decodes at the recipients, and without it the message should be useless.

Why is encryption vital for all organisations?

Leaving data unencrypted on your network is an open invitation to cybercriminals, and one that could potentially bankrupt your business. But hackers can’t profit from data they can’t read. As a result, more organisations and individuals are using encryption to protect sensitive data stored on computers, servers and mobile devices like phones or tablets.

While the primary purpose of encryption is to protect the confidentiality of digital data stored on computer systems or transmitted via the internet or any other computer network, when implemented properly, it can also:


  1. Improve security
    While we can take measures to protect IT systems and computers with firewalls and anti-virus software, these aren’t infallible against determined cyber attackers. Encryption rounds out your security arsenal by not only protecting data whilst in transit – when it’s at its most vulnerable – but also for other types of attacks, as managing to steal encrypted data is a lot of effort for very little gain, as the data is almost useless without the encryption key.
  2. Maintain data integrity
    Encryption also helps to reduce fraud by preventing data from being adjusted by unauthorised people. Hackers may not want to steal the info, but instead alter contact details or security questions, to allow another accomplice to phone up, be able to answer security questions and then commit fraud. Encrypted data could be adjusted, but once decoded, the alterations would be apparent and highlighted for fraud.
  3. Help compliance
    A key principle of the GDPR is that you process personal data securely by means of ‘appropriate technical and organisational measures’ and – where appropriate – look to use methods such as pseudonymisation (the practice of replacing identifying data with artificial values) and encryption. It’s therefore important that an organisation’s IT, security and legal teams work together to define what data their business needs to store, where it needs to be stored and the level of encryption that’s going to be used.
  4. Protect data across devices
    Mobiles and devices such as laptops, iPads and home computers are a big part of our lives and transferring data from device to device is a risky proposition. Encryption technology can help protect stored data across all devices, even during transfer.
  5. Protect privacy and increase customer trust
    Sensitive customer details, such as bank records, credit card numbers or order histories are simply expected these days to remain secure. Customers who don’t believe their information is safe are unlikely to allow businesses to use it, preventing them from collecting payments or processing orders.  Encryption can be used to protect sensitive data, including personal information for individuals, helping to ensure anonymity and privacy, and increasing customer trust.


But while encryption is the most effective form of data security, on the whole it is still woefully underutilised. One reason for this may be that demand for computer science skills far outstrips the supply of qualified graduates.

The University of York’s MSc Computer Science with Cyber Security online Masters programme is designed to advance computational thinking; software development skills and develop a broad-based knowledge of computer science to equip working professionals and graduates for a range of positions in software and web development, IT systems, support and programming. The 100% online programme allows you to study around your existing work and home commitments, at different times and locations, and has six start dates a year. There is a pay-per-module option available, and students may be eligible for a government backed postgraduate loans which cover the cost of the course.

Find out more and begin your application.

What is forensic readiness and why is it so important?

Digitisation offers businesses a huge number of benefits, but at the same time can increase the risk of cyberattacks or security breaches. As well as protecting the business, forensic readiness is becoming a focus for many, as a way of collecting, protecting and analysing legally admissible evidence following security investigations, whether this is to internal processes, tribunals or even the courts. The challenge for companies is making sure the company can maximise its digital evidence without investigations costing large amounts or having an undue impact on the business.

Most companies understand why disaster recovery and business continuity plans are important, but forensic readiness is treated as a lower priority and only taken seriously after an incident – and even then, many times without process. In a recent survey, nearly half of company executives stated they don’t conduct forensic readiness tests and a third don’t understand their role in cyber response plans.

Proactivity is key

Taking a reactive approach is not advisable, principally because waiting until after the fact puts a huge time pressure on gathering evidence before it’s deleted, modified or causes a total loss. Without having a planned approach, it’s also more likely that the disruption to the business will be greater following a cyber incident, where limiting the effects of the attack take first priority. The greater length of time this goes on, the greater the risk that it could start to affect customers and clients.

Having all the plans, skills and capabilities working together to gather, preserve and analyse evidence following an attack is key to minimising impact, and should also include legal teams and PR professionals. Forensic readiness prevents wasted time in trying to figure out how to collect and preserve evidence on the fly and ensures the business gets back to normal quicker, in turn allowing IT professionals to understand why the attack happened and take steps to prevent it happening again.

There are also other significant benefits; an efficient process limits the amount of time and money used for investigations, it reduces the disruption to business as usual and also prevents the initiators of the attack having time to cover their tracks completely. Forensic readiness plans also mean companies can show due diligence or compliance with various regulations and being able to demonstrate these procedures increases the trust that your suppliers and customers have in the company, thereby potentially increasing loyalty.

Offering foresight

Forensic readiness can also help to reveal potential incidents before they become a serious problem. It allows cyber threats to be uncovered, traced and prevented.

Businesses no longer ask how they can respond to a cyber incident when it occurs. Instead they’re asking themselves ‘how often will we need to respond’ or ‘how do we withstand persistent attacks’. Having forensic readiness and providing employees with the knowledge, practice and skills they need can help organisations mitigate risk through preparedness and increase overall business resilience.

Forensic readiness requires a great understanding of cyber security, the threats involved and an in-depth knowledge of the industry and business at risk. As these attacks become more and more common, businesses are employing specialists to mitigate the risks and help them recover more quickly. Designed specifically for ambitious professionals, the University of York’s online Computer Science with Cyber Security MSc means you can earn a Masters degree in an in-demand field from a world-class Russell Group university without putting your current career on hold. You can access course material and study any time, anywhere, on a variety of mobile devices, and with six start dates a year to choose from, you can start when best suits you. There’s also the option of paying per module so that you can split the cost of tuition fees across the duration of study. You may even be entitled to a UK government-backed postgraduate loan to cover the full cost of the course.

Find out more and begin your application.

Human factors the biggest threat to cyber security

Cyber-attacks are now a daily occurrence, with a third of businesses reporting a security breach in the last year. The focus of breaches tends to be on organised crime, where the methods are becoming highly sophisticated, but one of the major threats to cyber security are a company’s own employees. In truth, a self-reported data breach is 7 times more likely to be a human error than a malicious attack.

How criminals use human error in cyber attacks

Human error attacks usually rely on phishing scams or internet/email link clicks. These kinds of scams are becoming more sophisticated and are using the forms, language and even fonts of trusted companies in order to hide the unauthorised usage.  According to the Anti-Phishing Working Group’s (APWG) Phishing Activity Trends Report, the number of phishing attacks detected in the first quarter of 2018 was up 46% from the last quarter of 2017.

Phishing and social engineering are only part of the problem for human-error based breaches. Many companies allow employees to work on their own phones, tablets and computers – the Bring Your Own Device (BYOD) model. When employees reduce or even remove the barriers between the professional and the personal by having both on the same device, something as simple as a rogue app can mean employees are only one click away from revealing sensitive business information and putting the company at risk.

A collaborative approach is vital

Companies take cyber threats very seriously, but as employees are often the weakest link in the security chain, more training and awareness is needed. Employees at all levels should understand that responsibility for security lies with them and isn’t just “something for the IT department”. Current simulations rarely represent the threat in the real world, as they tend to focus on fault or blame for security breaches and the threats themselves are constantly evolving. Instead, making simulations applicable to how employees work every day and allowing them to take control and identify threats could easily yield better results.

Create an accessible cyber security plan

Expecting all employees to become security experts and avoid every threat is unrealistic. Instead, the aim should be to help them understand how they will be targeted and crucially, that they should be free to ask for help as not all ‘reset your password’ emails will be malicious and not all emails from a bank will be genuine.

With IT department heads struggling to get their employees to respond to notifications of a vulnerability or attack and take appropriate action, teams need to find immediate ways to alert staff to potential threats. Apps such as Workplace (Facebook’s enterprise connectivity platform), that cut through the noise of emails and uninspiring intranets and enable the sharing of security awareness messages quickly, might therefore be a better solution.

Consider ways to make it easier for employees

‘Strong’ passwords, which are lengthy, complicated and full of unusual symbols have been the preferred barrier in recent years, but they may actually cause a bigger problem. In fact, research shows that users are likely to write down trickier passwords, undermining their strength. Instead, organisations should take steps like reminding people what the password structure is before they try to enter it, or letting them look it up instead of only telling them at reset. They could use approaches which let staff set complex but memorable passwords, two-factor authentication or alternatives to passwords to make authentication easier. It is also vital that everyone who needs digital services to fulfil their role can get easy access to them, so they don’t resort to sharing passwords with other people to ‘get the job done’.

What works in the isolation of the IT lab will often fail when it has to be used by real people every day. Collaboration and input when designing these policies can help employees make good decisions and can really help uptake and responsibility for security.

Do you want to make your mark on the future of cyber security? Designed specifically for ambitious professionals, the University of York’s Computer Science with Cyber Security MSc enables you to earn a Masters degree without putting your current career on hold. The course covers topics such as security risk analysis and network and operating system security as well as broader computer science topics such as software development.

It’s 100% online so you can access course material and study any time, anywhere, and on a variety of mobile devices. With six start dates a year to choose from, you can start when you choose and complete the programme within 2 years. There’s also the option of paying as you learn, and you may even be entitled to a UK government-backed postgraduate loan to cover the full cost of the course.

Find out more and begin your application.

The value of good management

There are many who take the concepts of ‘leader’ and a ‘manager’ as interchangeable. For many junior positions, these words are synonymous, with Team Leaders and Team Managers essentially performing the same function. The truth is that leadership and management are two separate disciplines, each with their own individual skillsets, aptitudes and most importantly, value to a business environment.

People prefer to be thought of as strong leaders, rather than strong managers. Leadership tends to conjure up images of inspiration, striving forward and taking your followers on a journey of improvement. Being thought of as a manager is far less romantic. However, while people may aspire to lead, they need management skills and experience to be successful.

What does a manager do that a leader doesn’t?

Management skills often relate to the technical aspects of a role. Good managers are experts in their fields, using experience built over time to give them a wide, overarching knowledge of their sector. They can control processes, resources or operations, exemplify best practice and ensure smooth running of the day to day business.

Strong management skills are business critical in many situations. Good managers are able to understand and control all of the resources at their disposal. Familiarity with systems and processes gives a wide, overarching knowledge that allows managers to control outcomes effectively.

It’s important to remember that employees are the most valuable and variable resource available to managers. While leaders aim to inspire employees to do more and grow, managers understand growth must be guided and channelled effectively.

Management isn’t a standalone skillset

Management skills may be seen by some as more technical, resource-focused and numerical, while leadership is softer, more people-focused and human, but neither discipline is entirely separate. Leaders still need the skills that managers possess to get the most out of every resource, whether it’s time, employees or operations. The most effective managers have leadership skills, just as the most effective leaders have management skills.

It is possible to ensure that you have the best of both worlds: the University of York offers 100% online MSc programmes in Leadership and Management. They provide essential skills, such as effective communication and critical approaches to problem solving, which will help you develop a range of approaches to business. As all learning materials are delivered online, you can study when it suits you best, avoiding the need to take a break in your career. You can keep your current role and salary and apply what you learn while you earn. There are also six start dates throughout the year and the ability to pay-per-module, making this an extremely flexible way to gain a prestigious Masters degree from a Russell Group university.

Learn more and begin your application.

The changing role of the IT leader

The skills and knowledge required by leaders change frequently, reflecting a huge number of different factors, from technology to people to politics. These changes have been keenly felt by IT leaders, as businesses focus more on innovation and become increasingly reliant on technology.

These shifts have seen IT leaders entirely refocus their priorities, often from primarily operational positions to being more and more strategy-led. No longer are IT departments just there to make sure websites, CRMs and email servers are working properly. Now IT is focussed on digital transformation to make sure the whole company is working in harmony. IT ensures data is secure, but accessible by those who need it, allowing the whole business the right tools for innovation and success.


Arguably IT roles – particularly the Chief Information Officer (CIO) – are more influential than ever before. Individuals in these positions are increasingly responsible for innovation and revenue generation. In order to fulfil these new expectations, they need to become more involved and more influential in the wider business, with an in-depth understanding of operations, planning and business functions in order to comprehend the impact of innovation on aspects like organisational change and strategy development.


These new responsibilities all require vision and impeccable communication skills. Technical expertise alone is no longer enough for IT leaders. They need to be able to explain new concepts and innovations to those without the technical understanding, with long term strategy and bottom line growth in mind.

Marketing teams commonly work on an outsourcing model, plugging gaps in their team’s knowledge and allowing for project flexibility. As technology keeps pushing forward at a rapid pace, CIOs are starting to embrace a similar model. By reinforcing internal teams with external suppliers, IT departments can accomplish things they may not have the expertise or time to fulfil in house.

Continual learning

With such rapid changes in technology and innovation, CIOs and those with aspirations to become IT leaders need to keep their skills constantly refreshed. Deloitte’s CIO report found that tech leaders are committed to ongoing learning – a trend that’s expected to continue over the next few years. Not only that, but the vast majority of them (96%) consider educating the business about technology issues to be one of their responsibilities.

To support continual learning, the University of York have introduced a 100% online MSc Innovation, Leadership and Management. Aimed at ambitious career climbers, it teaches the skills and knowledge required to help individuals to succeed in IT leadership and CIO roles. It covers topics such as innovation management, leading change and business operations: all important elements of the modern day IT leader role.

As all course materials are delivered online, there’s no need to take a career break, so you can study whenever it suits you. Flexibility is built in with six start dates per year and pay-per-module options, allowing you to study for a prestigious Russell Group university degree around family and work commitments.

Find out more and begin your application.

The Chief Cyber Security Officer needs a seat on the Board

All businesses would love to be in a permanent state of absolute certainty, but unfortunately that’s simply not realistic. This is especially true when it comes to cyber security.

Our reliance on technology has meant the digital elements within business have increased hugely over the last few decades. Applications, networks, data and hardware have all developed to aid companies and make them more efficient, but these elements also each come with their own security risks. As we increase the technological elements of companies, we create more cyber security risks. Couple that with a network of digital providers, each with a different understanding of cyber security and it can be impossible to be absolutely certain that breaches have been and will be prevented.

Attacks and breaches

Attacks and breaches can happen at any time and can be deliberate or accidental. Sometimes courses of action are chosen by businesses to make life easier, or keep costs down in the short-term, but can ultimately lead to massive costs. Something like the WannaCry ransomware outbreak, which encrypted data on infected computers and spread rapidly across networks once it had got in through a single poorly-protected machine, cost the UK’s NHS around £92million in lost service and actions to recover. A report on the outbreak highlighted that part of the problem was a lack of co-ordinated cyber security within the organisation.


The challenge of keeping up with new technologies and security techniques is no small matter. While traditionally this would have simply come under the remit of the IT department, now businesses are recognising the need for specialist skills and creating roles specifically for the task.

Most companies now have a CISO (Chief Information Security Officer) and/or CCSO (Chief Cyber Security Officer) either sitting at board level or reporting to a board member. Their responsibility is to assess and manage risk within the organisation to ensure that appropriate precautions are taken to prevent or reduce the impact of breaches, and to have plans to deal with any incidents that do occur.

Not only are they responsible for overseeing the technical security programme across the organisation, they also play a critical education role, ensuring that employees company-wide don’t unwittingly cause a security breach through phishing or social engineering.

Board-level representation is essential for these precautions and plans to be implemented and to comply with legal obligations for reporting incidents.

The skills to succeed

There are currently a huge number of vacant cyber security positions in the UK and a shortage of qualified people with the skills to fill them. This is why the University of York has introduced a new online Computer Science with Cyber Security Masters. The course offers ambitious individuals the opportunity to learn the skills and knowledge needed to start their career in this in-demand sector.

The course introduces key concepts, such as the ability to identify and analyse threats, create high-level security management strategies and understand and evaluate testing. Delivered 100% online and with a choice of start dates throughout the year, the Computer Science with Cyber Security Masters is designed with flexibility in mind; there’s no need to take a career break, so you can earn while you learn and fit your studies around other commitments. There’s also an option to pay-per-module, avoiding large upfront fees.

Find out more and begin your application.

The new path to becoming CFO

Not all paths to leadership positions are the same. What was once a rigid route to the top finance role – from accounts assistant, to accountant, to controller and treasurer, to Chief Financial Officer (CFO ) – can now be supplemented by roles in other business functions, such as operations and sales, creating an opportunity for those with unconventional backgrounds to step into the position.

While it’s easy to identify the opportunity, it can be harder to seize upon it. The last decade has seen huge shifts in technology, social interaction, politics and economics and there’s no reason to think that this will stop in the foreseeable future. The modern CFO needs a breadth of experience to take on the role, but what do those looking to move into the role do to create cross-departmental value and prepare them for the responsibilities?

Build a broad foundation of finance experience

CFOs often need to ask the right questions across the organisation, which means understanding and having experience company-wide. No process, even technical ones like legal or finance, happen in a vacuum; they affect staff, procedure, process and day-to-day work, meaning that skills in project and people management are key. Of course, that’s not to say that financial experience isn’t essential; almost half of today’s CFOs have had six or more finance roles during their career, 80% have had a finance role in more than one organisation and almost three-quarters have finance experience in more than one industry.

See strategy and business experience as the new baseline

Changes in how we live, work and do business are becoming ever more pronounced and rapid. This means that future CFOs will need to be able to take a high-level overview of not only their department or business sector, but of the entire business landscape. The ability to build relationships and networks of support, as well as a wide range of commercial skills and sensibilities will be ever more important to those hoping for great success.

Career plan for data analytics

Business data and information now reaches the core of many departments across the company and the finance department is ever more important in its role of offering insight into using the data correctly to prevent bad decisions being made. Being able to effectively analyse data and provide insights into what that data means for the organisation is a crucial skill.

Gain risk experience

Risk is no longer weighted into mere profit and loss, as CFOs also need to assess ideas like reputational risk from certain investments being made public, or exposing the company to greater cyber risks from not updating IT equipment. Assessing risk in these wider fields that don’t just affect the finance department will grow in importance.

Get closer to stakeholders

Engaging stakeholders was once only in the realm of the CEO, but creating strong relationships with key stakeholders – and allowing the CFO to talk to them in a manner they understand – is becoming the norm. As investors become more savvy, they’re looking for greater feedback and information and the CFO is the logical conduit for the financial health of the company. CFOs who have strong networking abilities will in turn not only be able to reassure and inform key stakeholders, but use them to ensure the future commitment to the business.

Learn how to be customer-centric

Gaining experience in roles which provide greater customer understanding will be key in developing a customer-centric culture, which drives innovation, service and, in turn, profits. Working closely with colleagues in sales, customer service, customer experience and marketing can provide a broader view of how to satisfy customers and provide the best return on investment.

Be skilled in leadership, communication, strategy and change management

As finance organisations become more diverse, their success is dependent on a strong united leadership vision and an engaged and skilled team. Knowledge of processes regarding change management, project oversight and the ability to communicate effectively between internal and external parties will become a priority.

Bring cross-cultural, cross-market business and finance experience to the table

To be truly effective, the next CFO will be a global thinker. They will have core technical knowledge as well as people skills. They will think globally to take opportunities to expand into new markets and territories and create a diverse and robust company that has the ability to think differently thanks to a diverse workforce.

If you’re eager to progress your career and improve some areas of your knowledge in order to reach for the CFO role, then postgraduate study could be the right path. Designed specifically for ambitious professionals, the University of York has introduced an online Finance, Leadership and Management MSc, meaning you can earn a Masters degree from a world-class Russell Group university without putting your current career on hold. You can access course material and study anytime, anywhere, and on a variety of devices. With six start dates to choose from, you can start your MSc when best suits you. There’s also the option for you to pay in instalments, and you may even be entitled to a UK government-backed postgraduate loan to cover the full cost of the course.

Find out more and begin your application.

Six ways to bring customer-centric focus to your leadership style

Leadership comes in many different types with varying degrees of being ‘hands on’ or not, being ever present or keeping a low profile and even fostering a serene environment or having an active and invigorating workplace. Putting customer needs at the front of every decision however, is vital for all leadership styles. Customer-centric thinking has far-reaching business outcomes and can affect business transformation.

But how do you go about integrating customer focus day-to-day?

  1. Provide direction and purpose
    It’s vital leaders give direction on how to keep the customer at the heart of things. ‘Customer-centricity’ needs to be based on a vision of what the company must do. It must be guided by a strategy based upon realistic goals and robust data which provides meaningful and actionable customer insight. Cascading the vision accurately and effectively from the C-Suite down is exceptionally important to succeeding in ‘customer first’ thinking.
  2. Put people at the centre of everything
    Customer-centric leaders should know how it feels to be a customer, leading to informed and well-reasoned decisions that balance profitability with customer experience. Leaders with a passion for the customer delve deeper: Pizza Hut UK’s CEO, works a shift waiting tables in the company’s restaurants every month, providing real and valuable insight and a direct connection with customers and staff at a person-to-person level.
  3. Don’t treat customer perception scores as a vanity measure
    Many companies now measure success both in terms of finance and public perception, but to be truly customer-focused, leaders must implement what the data teaches them. Customer-centric leaders don’t treat the data as a pat on the back – or slap on the wrist. They know it’s a way of understanding how the company performs in the eyes of the public, and use it to determine business and operational priorities to provide a better and more successful service.
  4. Create a culture where managers, team leaders, and employees are all emotionally engaged with the customer
    Customer-centric leaders also understand the importance of measuring the ‘Voice of the Employee’ – and acting on their feedback. Employees must be driven by the overall purpose of customer-centricity, want to go on the journey and believe that they are headed in the right direction. Customer-first leaders therefore need to identify ‘champions’, involving them in the change process and listening to their advice. By building a team that is aligned with your vision and strategy at all levels, not just senior management, customer-centric leaders can create an organisation where every employee is emotionally engaged with the customer.
  5. Be in it for the long haul
    A major mistake when moving to a customer-centric vision is to assume that once the plans have been developed and rolled out, the work is done. Constant monitoring, evaluation and assessment means that customer focus is constantly refreshed and reinvigorated.
  6. Keep on learning
    Many leaders don’t keep their understanding of the customer experience up to date, which means that it can’t be an ongoing priority within the organisation. Whether they believe they already know it or don’t deem it a priority, the journey a user takes when dealing with your business changes over time, which means that leaders shouldn’t stop re-learning what they think they know.


Only by understanding the qualities that support customer-centric success can we look to build successful, long-term relationships with customers. Designed specifically for working professionals and ambitious career-changers, the University of York has introduced a suite of online Management and Leadership MScs covering a wide range of topics designed to help students become better leaders.

As all learning materials are delivered 100% online, you can study when it suits you, earning a prestigious Russell Group Masters degree in your spare time, without taking a costly career break, as well as applying what you learn as you go. There are six start dates per year and you can  pay-per-module or obtain a UK Government-backed postgraduate loan to help with costs.

Find out more and begin your application.