MISCELLANEOUS WRITINGS | 2017 EDITION | VOLUME 95
We're often told: “Change is inevitable.” But nobody warns us about stupid rules, unnecessary friction plus unchecked biases in a hiring process increasingly layered with time-consuming data and AI tech we, US Customs & Border Protection and NSA can't even protect. From the 2014 BigMoneyJobs.com hack, Equifax data breach, to the February 2019 Verifications.io 800+ million email MongoDB leak.
And then there's AI.
The reason 45% of employers struggle to fill open jobs is inflexibility, stinginess, and job application time wasters and friction. IKEA has paid dearly to adapt to millennials by opening smaller local shops, and it's reaping the rewards. With few exceptions, the hiring industry meanwhile is more focused on exploiting new technology only to cut costs while complaining about the results of its self-inflicted barriers. Job applications are not being properly read. Candidates aren't engaged (i.e., treated like the human beings they are). And fake, automated boilerplate responses and rejection letters, rife.Long before Zeynep Tufekci's TED Talk above — in December 2013 when the original iteration of this article was published — I listened to the show featured in Part 1 and wasn't surprised I felt like the only NPR listener who was disturbed. After all, it takes a certain acumen to be. Acumen that is critical to meaningfully improving Candidate Experience and attracting right, but fickle talent.
The problem with wrong-headed, tunnel vision HR Tech is: applicants with in-demand skills from cyber security to coding, don't have time for your onerous Applicant Tracking Software portals. Fickle, the best of them ignore enterprises negligent of Artificial Intelligence and other new tech risks.Without regard for candidate data privacy and security à la EU's GDPR for example, smartphone and social media-obsessed startups with high turnover we'll leave unnamed, often in Asia Pacific, have convinced themselves that requiring applicants to put video cover letters on Youtube means authentic engagement and superior, rather than a dysfunctional hiring practice. Not surprisingly, Monster has a disfavorable opinion of video resumés. And likely, HR experts like Forbes' Liz Ryan (above) too.
They brag about their successful applicants having “the best minds” when in an age of debilitating high-profile hacks highlighting the importance of hiring people with good security hygiene, nothing could be farther from the truth. Profitable consumer “digital insanity” and vanity is one thing. But more tech through what I call EDI (Enterprise Digital Vanity) isn't MORE HUMAN, or helpful to candidates. Not when your goal is hiring quality talent using intelligent talent acquisition. Isn't this why the rarer the skill in demand (e.g., coding, infosec), the lesser HR Tech gimmicks and barriers erected?
For example, if you're following someone on Social Media whose content, thought leadership and body of work is a direct extension of just about everything your organization does, is a “We're Hiring” tweet the best way to find good hires? Talking around them? Isn't it smarter to have a streamlined, well-thoughtout process for directly engaging them in place? Why risk losing them in the “job application” hellhole Liz Ryan and every candidate running by the clock hates?
Can we also agree that — as still seen in Africa and other emerging markets — leveraging the internet to advertise jobs only to demand job applicants STRICTLY apply using a P.O. Box 12345 address you provided is both passé and daft. And about that “overqualified” policy, have you seriously thought through Fast Company & Inc's research-based counterargument? And if we're talking about Building Smarter Human Resources, which is what this is about, how smart is yours?
Are you THAT determined to limit your top talent pool and SUCCEED in quickly turning off #HiPOs? Are candidates' photos, age, height, race, religious affiliations or sexual orientation REALLY relevant here?
Talent Acquisition is often “brain drain” acceleration. And Talent Mismanagement, as Top Talent or Right Talent is rightly given a good reason to look elsewhere. The irony being, in more advanced economies, the friction most annoying to notoriously impatient millennials is tech-zealous, non-essential yet time-consuming impediments on the one hand. And supposedly Social Media savvy recruiters, talent acquisition managers and HR professionals totally ignorant about OPSEC (click above) and its implications for novice recruiters googling candidates. Tony Lewis' view of missing home addresses for example reveals an industry woefully ignorant of its own ignorance. For Security pros, one proof of how tech killed recruiting is the laughable 41% of employers' delusion. Also, would YOU be happy with wrong data about you?Whatever happened to ASKING, LISTENING, and working with candidates and prospects vis-à-vis notoriously (wrong) background checks (click above) and the recruiting industry's self-inflicted talent crunch? And when given a CV/resumé, actually READING it? Because to be clear, many recruiters, while I appreciate their work—having done recruitment sourcing before—are in many cases going through through the motions, not reading; instead emailing candidates asking for data they've already received. How about being less defensive, parking egos, and applying real due diligence and healthy perspective?
How invested are you and your consulting partners in training generally, and upskilling IT pros? What about relocation assistance? Because if you're too bottom line-driven for those, you have no business complaining about any cybersecurity talent crisis.
Moreover, if, as a recruiter, you've naively ASSUMED InfoSec pros are all waiting for you on the Social Engineering, APT and Cybercrime treasure trove that is LinkedIn, your firm is likely a good data breach target. Like Michael Page.
Remember that next time your emailed and unnecessary long PII (personally identifiable information) request — for Right To Submit, or not; all information likely to be sold on Russian black markets — is ignored. Malicious cyberstalker and False Personation horror stories are real. So are Identity Theft criminals.
There used to be a time when applying for a job online was as simple as attaching your CV/resumé and emailing it. Nobody told you to cater to their short attention span or digital addiction by limiting the size of your document to KBs, or demanding you a video cover letter — naively assuming all job seekers have, or can afford a smartphone — so as to further subject you to additional cultural, social, racial and other biases and age discrimination, particularly common in underdeveloped and developing as well as emerging markets. And speaking of document size limits, I made Britain's CWJobs.co.uk quietly abandon their previous 200KB size limit with a single blog and tweet. Before tech killed recruiting, job seekers could efficiently reach several target organizations in one sitting.
They didn't have complex, and frankly meaningless 6-8 — in some cases even — 11 page Applicant Tracking Systems (“ATS”) and data-greedy middle men eager to capture their email address and track other PII (Personally Identifiable Information) to sell via third-party websites to the highest bidder. And never-ending sign-in requirements and the obligatory “Register to Apply” or “Create a Login ID” barriers in the way of applicants. M- and e-commerce customers too, unlikely to need THAT website again. Recruiters once had a wide talent pool to draw from. Today, that's no longer the case.Indeed even if understandably, Cybercrime, Spamming and BEC (Business Email Compromise) scams are real, bad HRM leadership is to blame. From Human Resources all the way up to CEOs. Google's is smooth enough. But the Europeans get it, and keep innovating. I recently saw a 3-option application interface (Fast, Login, and Manually Build Online). The Fast option read, and I paraphrase: “We've streamlined our application process. Simply upload your CV.” Enter an email address, upload your CV, click Submit; done! On to the next! Which is pragmatism and Candidate Experience millennials love. A while back, as the big shots at the World Economic Forum were opining on how to fix the talent scarcity problem companies like Sony face, I found reputable organizations like Bloomberg News have/had ATS missing Next and Finish buttons. Screenshots like these were taken fairly recently:Click or tap the above for a relevant HR study. Further, the 60% is only a conservative number. I used to be one of that 60%. But more critically, I now altogether ignore ALL Applicant Tracking Systems.
Apart from the error messages and bad code, many ATS like SunGard's and Standard Chartered Bank's can/could barely handle attachments. This is why smart/HiPo candidates quit long and problematic application forms and proceed to that competitor who isn't standing in the way of the great work they're dying to contribute. So whether you're a startup desperate not to lose top candidates to more established or larger organizations, tell us again: How EXACTLY is the right talent supposed to finish that application? And who to blame when recruiters get bad hires as a result of such dysfunction?There's a prevailing assumption that recruiters are all set; that they almost don't need regular training. Nothing could be further from the truth. Increasingly, I'm seeing a disturbing number of recruiters with very low Insider Threat IQ (click above). Yet we're all in the Data Security business now. And smart organizations serious about staving off debilitating Insider attacks should understand that IT Security and Intellectual Property theft protection begins at the recruiter level. Not InfoSec level. Too esoteric?
I lived in China for over 14 years. It's not a pretty thing to say. Then again: “Facts are stubborn things.” But arguably: Whoever hired the engineer who recently stole Apple's self-driving car trade secrets and immediately booked a flight to China was probably too naïve to understand that there are subtle to huge cultural differences between a Hong Konger hire and Mainland Chinese hire. Even a Taiwanese or Malaysian Chinese hire. So how culturally competent are your recruiters? How big a deal is character in your talent acquisition and sourcing? Also—and regular training helps fill the void—how well-traveled are those making key hiring decisions? And before you assume we're talking about 'been there done that' read this reality check addressing traveling right, as opposed to wrong. Indeed I'd even go so far as to subject a recruiting team to studying Strategic Deception Mitigation before setting them loose to hire globally. And if you cut corners and tolerate recruiters focusing myopically on a technical skills checklist and (startup or not) you're driven out of business, the general view in the security industry is that you deserve what you get. Because character matters. And Apple got lucky. But will you be?
Yet as you listen to Nathan Mellor, consider the role of your organizational culture in attracting and retaining great talent. Blackmere Consulting's valuable advice in light of the much publicized Talent Acquisition problem in Information Security complements arguments made in my own InfoSec's Echo Chamber Problem piece where among other issues I address diversity. Speaking of diversity, low global Insider Threat maturity at the recruiter level—due to lack of regular training—is another problem.
Moreover, along with HBR's advice on how to read jagged CV/resumés, valuable insight is frequently missed due to shrinking recruiter attention span—foolishly celebrated by pro-ATS and job search advice writers—as wrong-headed focus is placed on more ADHD-inducing tech, rife with wrong assumptions about employment equality. These being the same recruiters emailing candidates right back requesting their phone number, current location or visa type when it's right atop, or clearly on their CV. United Airlines meanwhile, sucks at hiring consummate professionals. And it shows.
Smart organizations and startups don't just talk about attracting, hiring AND retaining millennials. They prove they understand that hiring is NOT a one-sided conversation. Indeed if you're talking about millennials, jobs, or strategic policy-making in a room without a diverse majority of them, that's a laughable elementary mistake as bad as a startup, marketing, advertising or branding agency not testing ideas. For as with all good leadership, great decision-making rarely come from silos.Millennials are not automatons, but highly pragmatic. And they're not on your site to waste time or their life. #CandidateExperience to them, is not just a hashtag. They understand the importance of getting out of the way of creatives, good candidates and Hi-Pos alike: One page. A working Submit button. And/or an email option. And they're done. Something the UK, generally speaking, and many European application pages get. So does Twitter, DreamWorks Animation. Last time I checked.
And while in Britain and Hong Kong, they get part of the concept with their one-click ATS, they still miss what good HRM and winning startup founders and CEOs already get. Which, in a nutshell is: Don't turn applicants off. Because it is talent and character, not HR, that builds organizations. Plus, if you ask an applicant to limit the size of their file (say, a PDF) containing their portfolio or CV/resumé, technically, the stripped down PDF file you get (from 800KB say, down to 78KB) may be depleted of several useful features including hyperlinks critical to facilitating good hiring decision. In other words, by standing in the way, you're shooting your hiring strategy in the foot. Over to you, Seth:If you want to visit DisneyWorld, you'll need to buy a ticket and wait in line.
If you want to see the full moon, you can go outside and look up in the sky.
Often, we're tempted to create friction, barriers and turnstiles. We try to limit access, require a login, charge a fee...sometimes, that's because we want control, other times we believe we can accomplish more by collecting money. Clearly, people value the moments that they spend at Disney—with hundreds of dollars on the line and just a few hours to spend, there's an urgency and the feeling of an event occurring.
On the other hand, far more people look at the moon. Just about everyone, in fact.
If your goal is ubiquity, significant friction is probably not your finest tactic.
There used to be very few resources that were truly scalable at no cost, resources where we didn't need to use money or queues to limit who would use them. In the digital world, that number keeps skyrocketing. It doesn't cost a cent to allow more people to look at the moon, just as it's free for one more person to read this blog.
If you're going to add friction, if you're going to create urgency and scarcity, understand that it always comes at a cost. By all means, we need to figure out how to make a living from the work we do. But with scalable goods, particularly those that have substitutes, don't add friction unless there are enough benefits to make it worth our hassle.