CSO: “Cybersecurity On The Agenda For 80 Percent Of Corporate Boards”

Cybersecurity is a topic of discussion at most board meetings, according to a new survey of 200 corporate directors.

The survey, conducted jointly by NYSE Governance Services and security vendor Veracode, revealed that more than 80 percent of board members say that cybersecurity is discussed at most or all board meetings.

Specifically, 35 percent said that cybersecurity was discussed at every board meeting and 46 percent said it was discussed at most meetings. Only 10 percent said they discussed cybersecurity after an incident in their industry or at their company — and only 1 percent said they never discussed cybersecurity at all.[…]

Top security concerns

The board members surveyed said that brand damage, data breach costs, and theft of intellectual property were the top concerns when it came to cybersecurity.

However, board members were less interested in specific details of how security was implemented.

Instead, 33 percent preferred to learn about corporate cybersecurity efforts in the form of high-level security strategy descriptions, and 31 percent wanted to learn about risk metrics.

Only 11 percent wanted to see peer comparisons or descriptions of specific security technologies, and only 9 percent wanted to know about the company’s audit and compliance status.

Not surprisingly, while technical skills and experience was the top quality boards wanted to see in a CISO, the rest of the qualifications looked for, in descending order, were business acumen, strong communication skills, ability to take risks, and expertise in crisis communications.

This was the first year that Veracode and NYSE Governance Services conducted the survey, so historical comparison data was not available.


Download the NYSE Survey:

The Board Director Training Institute (BDTI) is a "public interest" nonprofit in Japan dedicated to training about directorship, corporate governance, and related management techniques. It is certified by the Japanese government to conduct these activities as a regulated nonprofit. Read a summary about BDTI here, and see a menu of its services for both corporations and investors here.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.