Boards of Directors taking active role in data security

Register now

Boards of directors are getting more involved in cybersecurity efforts at their organizations, and many have boosted spending on such initiatives, according to a new report from accounting and advisory firm BDO USA.

More than three-quarters (79 percent) of 140 public company directors surveyed in August 2017 said their board is more involved with cyber security than it was 12 months ago, and 78 percent said they have increased company investments during the past year to defend against cyber attacks. The average budget increased 19 percent.

This is the fourth consecutive year that board members have reported increases in time and dollars invested in cyber security, BDO said.

Despite this positive progress, the survey also found that businesses continue to resist sharing information on cyber attacks with entities outside of their company. Only one quarter (25 percent) are sharing information gleaned from cyber attacks with external entities.

“The annual survey has documented the continued ascension of cyber security in corporate boardrooms, as directors are being briefed more often and are responding with increased budgets to address this critical area,” said Gregory Garrett, leader of international cybersecurity at BDO USA.

“This year’s study also indicates that boards are aware of the expanding threat of ransomware and most of their businesses are proactively addressing this risk,” Garrett said. “The survey also reveals a significant vulnerability—the continued failure of companies to share information they have gathered from cyber attacks.”

For reprint and licensing requests for this article, click here.