Board Survey Reveals Continued Increases in Director Time and Company Resources Spent on Planning for Cybersecurity Risks
According to a new survey by BDO USA, LLP, one of the nation’s leading accounting and consulting organizations, approximately three-quarters (74%) of public company directors report that their board is more involved with cybersecurity than it was 12 months ago, and an even greater percentage (80%) say they have increased company investments during the past year to defend against cyber-attacks, with an average budget expansion of 22 percent.
This is the third consecutive year that board members have reported increases in time and dollars spent on cybersecurity. The survey also identified improvements in the number of boards with cyber-breach response plans in place (from 45% to 63%). Nevertheless, barely one-quarter (27%) are sharing information on cyber-attacks with entities outside of their business – a practice that needs to become more prevalent for the safety of critical infrastructure and national security, particularly at larger organizations.
“Over the past three years, the BDO Board Survey has documented the ascension of cybersecurity up the boardroom agenda. Corporate directors are being briefed more often and are responding with increased budgets to address this critical area,” said Shahryar Shaghaghi, National Leader of Technology Services for BDO Consulting. “The survey also reveals significant vulnerabilities. Although measurable progress has been made from a year ago, less than half of board members report they have both identified and developed solutions to protect their critical digital assets, and an even smaller proportion indicate they have put cyber-risk requirements in place for third-party vendors – a major source of cyber-attacks. Moreover, sharing information gleaned from cyber-attacks is a key to defeating hackers, yet just one-quarter of directors say their company is sharing this information.”
Visit BDO’s corporate governance center
Download and read the full report today:
About BDO USA
BDO is the brand name for BDO USA, LLP, a U.S. professional services firm providing assurance, tax, financial advisory and consulting services to a wide range of publicly traded and privately held companies. For more than 100 years, BDO has provided quality service through the active involvement of experienced and committed professionals. The firm serves clients through more than 60 offices and more than 400 independent alliance firm locations nationwide. As an independent Member Firm of BDO International Limited, BDO serves multi-national clients through a global network of more than 1,300 offices in over 150 countries.
BDO USA, LLP, a Delaware limited liability partnership, is the U.S. member of BDO International Limited, a UK company limited by guarantee, and forms part of the international BDO network of independent member firms. BDO is the brand name for the BDO network and for each of the BDO Member Firms. For more information, please visit: www.bdo.com.