Boards are on high alert over security threats
“In 2014, 42.8 million security incidents were detected, a 48 percent increase over the previous year, according to PricewaterhouseCoopers. The average size of the financial hits attributed to those incidents was $2.7 million, and the number of organizations reporting incident-related losses of more than $20 million increased 92 percent last year, PwC reports. But the true cost may never be known. As many as 71 percent of compromise victims did not detect the breach themselves, according to a 2014 report by cybersecurity firm Trustwave.
Yet board members complain that they’re not getting the right information. More than one-third of them are dissatisfied with the quality of information they get regarding cybersecurity risk, and more than half are unhappy with the quantity of information provided, according to a NACD survey of 1,013 public companies.
There’s a positive correlation between how much the board is engaged with cybersecurity issues and the strength of IT security profiles, according to a study by business risk consultancy Protiviti. That’s why CIOs like Scholten and Angelo are focused on effective communication with their boards.”