Board members say they need cyber security experts
Three out of five board members believe that they need to have cyber security experts on their boards, yet only one in six claim to have substantial expertise in understanding the implications of cyber security.
These are among the findings of a report from risk analytics specialist Bay Dynamics which looks at why boards of directors are making cyber security a top priority and the challenges they face in reducing risk.
The need for compliance is driving many decisions, in the past two years, there has been an 11-fold increase in the number of organizations citing increased regulation from government as a driver and a similarly dramatic increase from industry bodies. Close behind, with a 10-fold increase, is fear of lawsuits and regulatory penalties.
This move is generally positive as 46 percent of board members believe compliance regulations help establish stronger security. Yet nearly 60 percent struggle with meeting the increased mandates these regulations demand -- an almost 20 percent jump over the past two years.
"This series of reports demonstrates a positive shift in how boards of directors are prioritizing and approaching cyber risk issues," says Ryan Stolte, co-founder and chief technology officer at Bay Dynamics. "It is clear that boards understand that they are responsible for setting the cyber risk appetite of an organization. This current report shows that board members want to understand and be actively involved in the cyber risk reduction process. That includes making decisions that drive continuous compliance and going a step further by adding a board member with cyber-specific expertise who speaks the same language as the trusted security executives advising them".
The full results of the study are available to download from the Bay Dynamics website.
Photo Credit: EmiliaUngur/Shutterstock