Cybersecurity continued in the boardroom
Cybersecurity is a significant risk that can have a material impact. As cybersecurity issues increase and become more visible, boards may decide to take an active role in understanding the risks associated with those issues. Many boards hear from the chief information officer, chief technology officer, or others who are tasked with monitoring the cyber risk. In addition, some company boards are engaging third-party specialists to speak with them about the risk, how to mitigate it, and signs that may signal a breach. The full board take the necessary actions to stay informed on management’s risk practices so it can effectively oversee cybersecurity.
Robert Mueller, director of the Federal Bureau of Investigation, recently spoke on a panel about the future of cybersecurity, said cyber threats will eventually equal or eclipse the terrorist threat. “There are only two types of companies—those that have been hacked and those that will be,” Mueller said, adding that boards should ask themselves what type of company are they and what are they doing about it. Cybersecurity is a becoming top-of-mind issue for most boards, and directors are becoming more preemptive in evaluating cybersecurity risk exposure as an enterprise-wide risk management issue and not limiting it to an IT concern.