Thomson Reuters,the world’s leading source of intelligent informationfor businesses and professionals, released its board governance survey for 2014,which shows that despitea slight decline in the amount of board information being produced each year,corporate boards are increasingly exposed to cybersecurity risk. Boardscontinue to communicate through unsecure means, and have minimal measures inplace to prevent a security breach. The survey also shows that one in tenorganizations reported that a board member had either lost or had theircomputing device stolen in 2014, continuing the upward trend of reportedsensitive data breaches.
Thomson Reuters surveyed more than 200corporate and company secretaries across Europe, the Americas, Australia, Asia,Africa and the Middle East to canvass their views on some of the key challengesfaced by the board today. Respondents represented firms from a wide set ofindustries including financial services, manufacturing, government, education,life sciences, energy and other highly-regulated industries.
Key findings from the report include:
- Over half of organizations indicated they had been in asituation where board members had left sensitive documents in public places orhad heard of such instances
- Two thirds (67%) of corporate boards are very concernedabout cybersecurity risk, whilst only 44% claimed they actually make decisionson the topic
- 60% of organizations never or only occasionally encrypt theirboard communications, and only a quarter indicated that they always do so
- More than half (56%) of board members still print andcarry around board documents
- Half (51%) of organizations surveyed do not utilize asecure purpose-built board portal
- Cybersecurity information is the least frequentlyrequested information by the board, with only 32% of board frequently or veryfrequently requesting such information
- An increasing proportion of respondents are not confidentboard members destroy sensitive printed board documents, while a staggering 60%of organizations are not confident or unsure if their board members do so
“In thisdigital age it’s alarming that so many organizations don’t have structures inplace to safeguard their information from security and cybersecurity threats,” said Phil Cotter, managing director, head of Risk, Thomson Reuters. “What’sdisheartening is that informationon cybersecurity remains the least frequently requested information by corporateboards, which leaves significant uncertainty around their ability toeffectively oversee security management, particularly if they aren’t takingsteps to keep fully informed on security matters.”
Security and cybersecurity risk
Private computing devices are now commonly used by most board membersfor board communications but only a third of them are provided by the companyitself. Furthermore, there has been an increase in these computing devices thatare used for board communications being stolen or lost. 10% of organizationsreported they have had a board member to whom this has happened to and 5% oforganizations stated they have had sensitive board materials left in a publicplace.
Many organizations continue to use non-secure commercial email accountsto send board information to board members with 43% of respondents claimingthey always or regularly do this. With 60% of organizations never or only occasionallyencrypting board communications, many could be leaving their boardcommunications liable to hacking and their organization at risk of a seriousdata breach.
A third of organizations continue to print and courier materials toboard members and 56% of board members print and carry materials around. Thereis also a considerable lack of confidence that these materials are disposed ofsecurely with only 28% of respondents reporting that they are confident thattheir board members do so.
Communicationsand technology
The geographical dispersion of corporateboards also continues to be an issue for organizations, with 34% of boardmember spread across a number of countries. In 2014 the number of boardsmeeting monthly or quarterly has risen to 78%, meaning boards that use manualprocesses to share board material are likely to be experiencing increases inthe cost of printing and couriering board books.
Adetailed report on the survey’s findings can be found at: http://accelus.thomsonreuters.com/special-report/evolving-role-global-board
ThomsonReuters Accelus is a market-leading solutions for enterprise Governance, Riskand Compliance (GRC) management, enterprise risk management, policy management,audit management, global regulatory intelligence, financial crime, anti-briberyand corruption, supply chain risk, enhanced due diligence, training ande-learning, and Board of Director and disclosure services. For more information, go to http://accelus.thomsonreuters.com/