Corporate Boards are increasingly exposed to cybersecurity risk as more organizations distribute their confidential board materials for digital with remote access. A recent corporate governance survey from Thomson Reuters discloses company Boards lack security protection to their confidential organizational Board information.
Most important, Boards continue to communicate through unsecure ways and have minimal measures in place to prevent a security breach. It is amazing to see that the survey also shows that ‘one in 10’ organizations reported that a Board member had either lost or had their computing device stolen in 2014, continuing the upward trend of reported sensitive data breaches.
This board governance survey consisted of more than 200 corporate and company board secretaries across various geographical regions including; Europe, the Americas, Australia, Asia, Africa and the Middle East to assess their views on some of the key issues and challenges faced by Board Governance groups. The respondents represented companies from various industries including financial services, education, manufacturing, government, life sciences, energy and other highly-regulated industries.
Board Cybersecurity Report Highlights Include:
- Two-thirds (67 percent) of corporate Boards are very concerned about Cybersecurity Risk, but only 44 percent claimed they actually make decisions on the topic.
- Over half of companies specified they had been in situations where Board members had left sensitive documents in public places or had heard of such instances.
- Half (51 percent) of organizations surveyed ‘do not’ utilize a secure purpose-built board portal or system.
- 60 percent of companies never or only occasionally encrypt their Board communications, and only one-quarter indicated that they always do so.
- More than half (56 percent) of Board members still print and regularly carry unprotected Board documents.
- An increasing proportion of respondents are not confident Board members destroy sensitive, printed Board documents, while a staggering 60 percent of companies are not confident or are unsure if their Board members do so.
- Cybersecurity information is the least frequently requested information by the Board, with only 32 percent of Boards frequently or very frequently requesting such information.
As more companies convert their confidential Board content materials from paper board books to digital, we are continually surprised that companies do not have processes and technology in place to protect against the continual cybersecurity and security threats. Additionally, with the accelerated trend to distributing their Board assets on Mobile Devices such as the iPad – companies are not taking proactive steps to secure their most confidential Board assets on these devices.
Security and Cybersecurity Risk to Organization
Another increasing trend is the use of ‘private’ mobile devices are now commonly used by most Board members for Board communications, but only one-third of them are provided by the company itself. Moreover, there has been an increase in these devices that are used for Board communications being stolen or lost. 10 percent of companies reported that they have had a Board member report a stolen device and at the same time – 5 percent of organizations stated that they have had sensitive Board materials left in a public place.
Numerous companies continue to use ‘non-secure’ commercial email accounts to send Board content and information to Board members, with 43 percent of board respondents claiming they always or regularly do this. With 60 percent of companies never or only occasionally encrypting Board communications, many could be leaving their Board communications liable to hacking and their organization at risk of a serious data breach!
Currently it is estimated that one-third of organizations continue to print and courier materials to Board members and that 56 percent of Board members print and regularly carry these confidential content materials.
Most importantly, there is also a strong lack of confidence that these materials are destroyed when required, with only 28 percent of respondents reporting that they are confident that their Board members do so.
The geographical distribution of corporate Boards also continues to be an issue for many organizations, with 34 percent of Board members spread across a number of countries.
In 2014, the number of Board and Executive Committee meetings monthly or quarterly has risen to 78 percent, this means Boards that use manual processes like paper Board Books to share Board material are likely to be experiencing increases in the cost of printing and couriering Board content materials.
About the Modevity ARALOC Boardroom System
Modevity founded in 2004 is a leader in content distribution and security protection solutions.
The ARALOC Boardroom System is the market leader providing the industry’s highest level of fully configurable “in-transit” and “at-rest” encryption security with integrated rights management controls and includes custom branded and configured user applications for iPad, iPhone, Android, and PC / Mac.
The ARALOC™ Boardroom System is the leading board governance system for today’s secure yet mobile-centric enterprise. ARALOC provides end-to-end content distribution automation, management and security protection.
Contact Tom J. Canova, Co-Founder, CMO and Blogger at Modevity, LLC 610-251-0700 ext.119 email@example.com