The Rising Tide in Risk Management

by Mark Gibbons 30. October 2015 15:59
Based on the results of a survey conducted in September 2015[1] with 150 directors of public company boards, it seems that directors are finally starting to understand their critical role in addressing cyber security. Indeed, cyber attacks are becoming more and more frequent, often targeting high-profile companies and their sensitive data and information. As the attacks become more widespread and damaging, the involvement of the corporate board in mitigating cyber risk has become an imperative. Of the 150 corporate board directors surveyed, 22% reported having experienced a cyber breach within the past two years, which has doubled since 2013 (11%). While those numbers are alarming, the good news is that 69% of corporate directors reported their board being more involved with cyber security than it was in the previous 12 months. Additionally, more than 70% of board members report having increased their company’s investments in cyber security within the last 12 months. 28% have purchased cyber insurance. Though the tide seems to be turning, the survey results indicate that there are many corporate boards and directors that haven’t yet taken key steps to mitigate cyber risk and protect their digital assets. Only 34% of directors reported having conducted a formal assessment of their critical digital assets, while 32% have had an assessment, but have no final strategy in place based on those assessments. Furthermore, although third-party vendors are a critical source of cyber attacks, only 35% of directors have developed cyber risk requirements for their third-party vendors. Has your board performed a risk assessment of its critical assets? Do you have a plan in place to mitigate cyber attacks? Don’t be the 21% without a plan in place.   To view the results of the survey, conducted by our Alliance partner BDO, click here. [1] Survey conducted by Market Measurement on behalf of Urish Popeck’s alliance partner BDO.
Categories: Risk Management