Corporate Boards need to ensure that Management is fully-engaged in identifying & developing defense and response plans to current and future cybersecurity threats – or risk putting their company’s core assets (& possibly continued existence) at considerable risk.
After a series of high-profile data breaches and warnings, corporate boards are waking to cyber threats, even more so after the Target breach. Target’s board had come under greater scrutiny recently after Institutional Shareholder Services recommended that investors oust seven board members. The proxy firm said the board failed to protect the company from last year’s data breach, during which hackers seized the card data and personal information of tens of millions of shoppers. This is something that we all need to be aware of.
Cyber threats pose a critical threat to companies. However, companies continue to treat these threats solely as technological and entrust the cybersecurity protection to IT.
To survive, Enterprises have to recognize the cyber threat risks as an enterprise-survival risk management issue, severely impacting their business (perhaps fatally).
In addition, the focus is shifting from internal enterprise to an inter-connected, integrated and inter-dependent business ecosystem with a shift to both internal and external creation and sharing of data. A paradigm shift in the heightened exposure of data.
Cyber threats take many forms, and the response to those threats is now a Board-level responsibility. What are the implications for the Boardroom? How can Directors effectively oversee cybersecurity risk, the necessary processes and policies to protect sensitive networks, systems, and data from unauthorized access or attack, and the potential for financial, legal & regulatory compliance problems created by cyber threats?
These are the questions, every board member regardless of Industry vertical or company size should be preparing to answer. The first step is to recognize security as a business risk.
Pamela Gupta is a Senior Security Strategist at OutSecure, a Cyber Security Strategy Creation firm, tweet her.
Photo source: Flickr