Boards of directors are getting more involved in cybersecurity efforts at their organizations, and many have boosted spending on such initiatives, according to a new report from accounting and advisory firm BDO USA.

More than three-quarters (79 percent) of 140 public company directors surveyed in August 2017 said their board is more involved with cyber security than it was 12 months ago, and 78 percent said they have increased company investments during the past year to defend against cyber attacks. The average budget increased 19 percent.

This is the fourth consecutive year that board members have reported increases in time and dollars invested in cyber security, BDO said.

Gregory Garrett
Gregory Garrett

Despite this positive progress, the survey also found that businesses continue to resist sharing information on cyber attacks with entities outside of their company. Only one quarter (25 percent) are sharing information gleaned from cyber attacks with external entities.

“The annual survey has documented the continued ascension of cyber security in corporate boardrooms, as directors are being briefed more often and are responding with increased budgets to address this critical area,” said Gregory Garrett, leader of international cybersecurity at BDO USA.

“This year’s study also indicates that boards are aware of the expanding threat of ransomware and most of their businesses are proactively addressing this risk,” Garrett said. “The survey also reveals a significant vulnerability—the continued failure of companies to share information they have gathered from cyber attacks.”

Register or login for access to this item and much more

All Information Management content is archived after seven days.

Community members receive:
  • All recent and archived articles
  • Conference offers and updates
  • A full menu of enewsletter options
  • Web seminars, white papers, ebooks

Don't have an account? Register for Free Unlimited Access

Bob Violino

Bob Violino

Bob Violino is a freelance technology and business writer who covers a variety of topics, including big data and analytics, cloud computing, information security and mobile technology.