
How Boards of Directors Really Feel About Cybersecurity Reports

by Corporate Compliance Insights
June 14, 2016
in Governance

New Report Reveals Majority of Board Members Say Cybersecurity Executives Will Lose Their Jobs for Poor Reporting

Bay Dynamics Unveils “How Boards of Directors Really Feel about Cyber Security Reports”

Bay Dynamics®, a leader in cyber risk analytics, unveiled today a new report that details board members’ perspectives about the cyber risk information reported to them by IT and security executives. The report, titled “How Boards of Directors Really Feel about Cyber Security Reports,” reveals that more than half of IT and security executives will lose their jobs as a result of failing to provide useful, actionable information. It also highlights significant contradictions: for example, while the majority (70 percent) of board members say they understand everything they’re being told by IT and security executives in their presentations, more than half believe the data presented is too technical.

The report is based on a nationwide survey, conducted by the third-party research firm Osterman Research, of 125 enterprise executives who actively serve on a board of directors and receive reports about companies’ cyber security programs. Some of the additional findings include:

  • The board is paying attention: 89 percent of board members said they are very involved in making cyber risk decisions.
  • Cyber risks outweigh other risks: Cyber risks were the highest priority for 26 percent of board members surveyed, while other risks such as financial, legal, regulatory and competitive risks had the “highest priority” scores no higher than 16 to 22 percent.
  • There’s room for reporting improvements: Although more than three in five board members say they are both significantly or very “satisfied” and “inspired” after the typical presentation from IT and security executives about the company’s cyber risk, the majority (85 percent) believe that IT and security executives need to improve the way they report to the board.

The board report complements another report released by Bay Dynamics in February 2016, titled “Reporting to the Board: Where CISOs and the Board are Missing the Mark,” which is based on a survey conducted by Osterman Research asking IT and security executives about how they report information to the board. Highlights of comparable data from both reports include:

  • The board says cyber risk information is actionable. IT and security executives say otherwise: While an overwhelming majority of board members (97 percent) say they know exactly what to do or have a good idea of what to do with the information they are presented by IT and security executives, only 40 percent of IT and security executives believe the information they provide to the board is actionable.
  • Board members say they understand, but IT and security executives don’t believe they do: Although 70 percent of board members surveyed said they understand everything they’re being told by IT and security executives in their presentations, only one third of IT and security executives believe the board comprehends the cyber security information provided to them.
  • There’s confusion regarding how cyber risk information is collected: Half of board member respondents believe IT and security executives use manually compiled spreadsheets to report cyber security data to the board. In actuality, 81 percent of IT and security executives report they employ manually compiled spreadsheets to report data to the board.

