Skip to main content
close search
site logo
Dive Brief

Board members find cybersecurity risk an existential threat

Published Jan. 16, 2020
Roberto Torres's headshot
Editor
Samuel Zeller for Unsplash

Dive Brief:

  • Members of board of directors find cybersecurity risk to be a "fundamental hazard to the continued existence of the enterprise," according to a study from UC Berkeley's Center for Long-Term Cybersecurity (CLTC) and consulting firm Booz Allen Hamilton released Wednesday. They interviewed 20 board members from U.S. companies in nine industries.  
  • As the relevance of cyberthreats rises among leaders, board members see cyber risk as "no longer confined to a set of operational decisions to be left solely in the hands of IT management." Tech leaders, such as CISOs, can help the board grasp complex technical and engineering concepts. 
  • But board members say they don't have the information and processes in place to provide effective governance when it comes to cyber risk, since it requires a different and more dynamic governance model than other types of risks.

Dive Insight:

Successful digital transformation journeys need a committed board of directors that gets involved, rather than oversees. The lack of an effective cyber risk governance strategy, means trouble ahead for companies.  

At companies, such as Wendy's and Target, boards have experienced firsthand the financial and reputational impact of a cyberattack, and their incidents serve as a cautionary tale.

"Boards feel a deep sense of urgency to exercise a central role in improving their firm's cybersecurity posture through enterprise-level governance and oversight," said Bill Phelps, a Booz Allen executive vice president and leader of the firm's U.S. Commercial business, in a release.

Additional threats lie in the missed opportunities: cybersecurity strategies can't grind innovation or product development to a halt.

"The opportunity costs of actions not taken, products not created, and markets not entered because of unmanaged security risk are mounting, even though they are hard to quantify," the study said. "Boards need to hold management to a standard in which cybersecurity and innovation are fully consistent with each other, if not synergistic."

To better understand risks, boards of directors want them to be articulated in the context of trade offs and return on investment

Recommended Reading

Filed Under: IT Strategy, Security

Editors' picks

Company Announcements

View all | Post a press release
Traceable Releases 2025 State of API Security Report: API Breaches Persist as Fraud, Bot Attac…
From Traceable AI
October 30, 2024
Cosentino Drives Business Transformation with AI Powered by Celonis Process Intelligence
From Celonis
October 23, 2024
DigiCert Welcomes Lakshmi Hanspal as New Chief Trust Officer
From DigiCert
October 24, 2024
Tech Ambitions Collide with Reality: 2025 Technology Impact Report Exposes Critical Readiness…
From Omnia Strategy Group, LLC
October 21, 2024
Editors' picks
Latest in IT Strategy
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell