Cyber Security and the Boardroom

Boards of directors must not only devote more attention to cyber risks, but also evaluate their organizations' readiness for an attack.

Board members, directors, and officers may be falling short on their duty to review their organization's risk practices, to include network breaches and failures in their business continuity planning and insurance coverages, and to disclose material cyber risks and incidents to stakeholders.

Cyber threats have grown so large that their consequences can significantly impact a company’s valuation. As a result, network security and data privacy are now boardroom governance concerns. Regulators, including the Securities and Exchange Commission, have responded by increasing oversight and highlighting the need for public companies to make disclosures related to these risks. Boards need to not only devote more attention to this ever-increasing risk but also evaluate their corporate readiness for such attacks.

In “Cyber Security and the Boardroom,” we:

• Review several questions to ask to determine if your organization is taking all the necessary steps to ensure cyber risk is being sufficiently managed.
• Outline how to close the cyber “awareness gap” between you and the board.
• Cover steps to take if a cyber breach occurs.