Corporate directors by now are well aware of the potentially catastrophic legal and regulatory consequences of a cyber-attack or large data breach, but how to effectively address those risks still eludes many boards.
Boards are increasingly interested in obtaining a better understanding of their companies’ data privacy and security risks. “Today’s boards have become much more sensitive to cyber-security risks and the harm they could cause to a company’s reputation and business,” says Vishy Padmanabhan, a partner with consulting firm Bain & Co. and a member of the firm’s global information technology practice.
Even as directors are paying more attention to data security and privacy risks, they are less confident in their ability to monitor such risks. A recent board governance survey of nearly 600 directors conducted by NYSE Governance Services and executive search firm Spencer Stuart found that 40 percent of respondents said there was room to improve their knowledge and understanding of IT risk oversight. About the same number said they weren’t confident in their ability to monitor how IT risks relate to the execution of the company strategy, and 41 percent expressed a lack of confidence in their ability to monitor the security of sensitive data.
Similarly, in a separate board governance survey conducted by PwC, nearly half of directors surveyed stated that they only “moderately” believe that the company’s strategy and IT risk mitigation is supported by a sufficient understanding of IT at the board level, while 28 percent said it needs improvement. Only 22 percent agree strongly that management provides them with adequate information for effective oversight.
To address this gap, many boards are looking to beef up IT and data security experience. In the NYSE Governance Services survey, board members ranked IT experience among the top five most important attributes—along with financial experience, industry experience, and CEO experience—in selecting new board members. Meanwhile, 75 percent of 934 public company directors polled by PwC said adding directors with technology or digital media experience is important, up from 68 percent last year.
This article has been extracted from http://www.complianceweek.com, please click on this link to read the article in full http://www.complianceweek.com/boards-look-to-boost-it-data-security-oversight/article/337281/
Montash is a multi-award winning, global IT recruitment firm. Specialising in permanent and contract positions across mid-senior appointments across a wide range of industry sectors and IT functions, including:
ERP, BI & Data, Information Security, IT Architecture & Strategy, Scientific Technologies, Demand IT and Business Engagement, Digital and E-commerce, Infrastructure and Service Delivery, Project and Programme Delivery.
With offices based in London, Montash has completed assignments in over 30 countries and has appointed technical professionals from board level to senior and mid management in permanent and contract roles.
For more information about Montash, please visit www.montash.com