The Conference Board
Nov 10 2011
Cyber security, and the importance of management and board engagement on the issue, has been generating a lot of discussion lately. Indeed, the spate of security breaches has made it clear that no organization is immune and that, as a society, we must develop a level of tolerance for the fact that our information is accessible to those with the determination and resources to go after it.
Even if we resign ourselves to the risk of a breach, however, there are steps that organizations can and should take to reduce the likelihood of a breach and to mitigate the impact and disruption if one does happen. Companies are responding. Strong solutions are emerging from the security industry, but also from business leaders across all industries. Yet there remains one last frontier of corporate cyber security: the boardroom.
With boards rapidly migrating to digital interactions, managers and directors should be doing all they can to manage the security risks that come with the digital realm.
To be clear, the digitization of the boardroom, through the introduction of iPads, boardroom portals, and other technology brings great benefits. Reduced shipping costs (not to mention the related reduction of CO2 emissions), ease of delivery, and increased document retention capability are just a few of the many benefits. And many would argue that enhanced corporate security is another important benefit. After all, do your directors really destroy all of their board books after each meeting?
These points are all well and good, but it isn’t all upside with technology (as I’m sure a director or two would be quick to point out). Ultimately, the security of your boardroom is only as strong as its weakest link. So here are a set of questions that directors should be asking themselves:
1) Do I understand the security protocol for our board documents?
2) Do I, or does my organization, have a process to scrub my mobile device if I lose it?
3) Do I have the appropriate security programs and practices in place on all computers I use for company business?
4) When reviewing board documents, am I aware of my surroundings? (This question is as important for paper documents as for digital ones. Yet when the computer screen is up versus papers lying on the table, documents are more visible.)
5) Do I know who to notify in the event of a departure from company protocol?
Technology demands a balanced approach, one that allows for new ideas and workflows to be introduced to our organizations, but also one that takes the realities of the world around us into account. As the recent U.S. intelligence document, Foreign Spies Stealing US Economic Secrets in Cyberspace, points out, China and Russia have been bankrolling hackers who plunder corporate files. This suggests that the resources of these cyber thieves will not dry up any time soon.
While cyber security has become an issue of increasingly intense focus for management and boards over the past year or so, it is important to pause for a moment and take a good look at the behavior of the board. It could mean the difference between creating a sound cyber security infrastructure and enabling the unintended release of key corporate data.
- Marcel Bucsescu
Access Source And Its Great Content : http://tcbblogs.org/governance/2011/11/10/cyber-security-in-the-boardroom/
No comments:
Post a Comment