This issue of BoardroomDirect® addresses cybersecurity risk being a board priority, the SEC applying website guidance to company social media use, the US Chamber publishing proxy advisor principles, Pw‘s 2013 State of the Internal Audit Profession Survey, NYC attorneys asking NYSE to reconsider its audit committee risk rule, and COSO issuing an updated framework next month.
Issue in focus: Cybersecurity risk on the board’s agenda
As the number of database breaches, company web site hacks and loss of intellectual properties grows, company boards realize cybersecurity is not just a technology risk. It can be an enterprise risk management issue.
What’s at stake for companies are their so-called “crown jewels,” those information assets or processes that, if stolen, compromised, or used inappropriately would render significant hardship to the business.
Cybersecurity issues are among the top risk management issues facing companies, according to recent surveys by PwC. The PwC 2012 Annual Corporate Directors Survey of 860 public company directors found that nearly three-quarters (72%) of directors are engaged with overseeing and understanding data security issues and risks related to compromising customer data.