Board Members Can No Longer Ignore Cybersecurity
By Mick Cobb
Cybersecurity is no longer optional for board members. Today’s boardroom is a perfect target for hackers. It is home to the most important decision makers in the company. A data breach involving confidential board information can devastate an organization’s reputation and cost millions in response to incidents, recovery, rescues, or litigation.
Given the sensitivity and value of the information that boards usually have, the potential harm of a hacker to board deliberations is often far worse than a data breach by a lower-level employee.
Search less. Close more.
Increase your revenue with all-in-one prospecting solutions driven by the leader in private business data.
However, for many companies, cybersecurity for the board does not receive the same attention. To improve cybersecurity within organizations, board members must meet the same standards as employees.
Data breaches have costly consequences, such as reputation damage, loss of customers, legal fees, and regulatory penalties. According to an IBM security report, the average data gap in the US costs more than $ 9 million. The cost may be higher for organizations in highly regulated industries, such as healthcare.
About 89% of directors, administrators, and staff members see cybersecurity as vital to the success of their organizations, and according to a recent IDG Communications report, 57% of CIOs see the need to improve security.
Data breaches and cybersecurity attacks are not the only risks for councils. They also face threats of unforeseen and accidental leaks, which are embarrassing and can severely affect a company’s operations and results.
The personal and board e-mail accounts of board directors are also subject to litigation. When board members join an organization, they sign a contract that they agree to meet safety standards. If they do not meet these standards, they are open to personal liability, even if they have only accidentally facilitated a leak or hacking of board information.
So what can be done? To begin with, organizations should invest in sound cybersecurity infrastructure and provide training to board members on how to use them.
Second, make sure directors have the proper security permissions. Not all board members should have the same access to information. If there is a conflict of interest, often mandatory disclosure in many industries and states, it is best to limit the access of some board members to avoid potential problems.
Third, to protect a board’s communications from fishing attacks and other cyber threats, it is essential to use a secure communications platform that provides notification systems to let directors know that messages are on hold. In this way, sensitive information is never transmitted in an insecure way.
Fourth, all board materials must be digitally managed using a secure platform. This is especially important for sensitive information that should not be stored on sites like Google Drive or Dropbox.
Fifth, protect the minutes of the meeting, the official minutes of a board meeting. If they fall into the wrong hands, confidential information could be exposed, damaging a company’s reputation. For this reason, it is essential to distribute the minutes only to the directors and use a safe method. Google Drive or links sent by personal email are not secure enough and should be avoided.
Sixth, managers are likely to have sensitive information stored on their laptops, desktops, or cell phones. A dashboard portal can help you manage these devices, keep them safe, and, in case of loss or theft, allow your data to be securely erased.
Seventh, have a board that knows cyber literacy. The tips are usually made up of domain experts who know the details of their field. However, today’s councils are looking for people with cybersecurity knowledge. This ensures that your business complies with the regulations and can implement the necessary suggestions to keep your data secure.
Finally, be prepared. CIOs and IT teams should have the resources and budgets to meet or exceed cybersecurity best practices. This includes regular safety training for employees and managers.
Through these steps, tips can ensure the smooth running of your organization and the security of your confidential information.
Mick Cobb is CTO of OnBoard, a secure consulting management platform, and is a leader in software development, IT service delivery, enterprise architecture, and data security. Cobb holds an MBA from the Massachusetts Institute of Technology. OnBoard serves as an intelligence platform for more than 3,000 organizations and their 12,000 boards and committees in 32 countries around the world.
Illustration: Dom Guzman
Stay up to date with the latest rounds of funding, acquisitions and more with Crunchbase Daily.