Story image

Kiwi directors need to start talking about cyber security

02 Sep 2015

Directors can often be a high value target for cyber criminals as they have access to privileged information, says the Institute of Directors, the New Zealand based membership organisation focusing on excellence in corporate governance.

On top of this, directors are often still unwilling to have conversations about the necessity of cyber security.

“Directors have access to large amounts of important and sensitive information. Sitting on multiple boards means more information and more organisations which could be compromised.

“More and more often, directors are viewed as a potential weak link in an organisation’s defences and they become a target,” says Tom Walton, Network Box sales and marketing director.

According to Walton, cyber crime is the third biggest risk facing businesses globally, with a total market exposure from $500 million to $1 trillion. 

In fact, Walton says cyber crime is now even surpassing drug trafficking as criminals work out they can easily make a lot of money, fast, whilst remaining removed from the event itself.

However, according to Walton, “Directors are still very reluctant to accept and take accountability for this growing business risk.

“Many think it doesn’t apply to their organisation because they are too small a target, but in reality, cyber-attacks occur because of a lack of cyber preparedness and a weakness in defences.”

He says, “There is disconnect between the rapidly growing threat from cyber-attacks and the approaches used by businesses to manage them. First and foremost you need to understand what you don’t know.

“By having the conversation and putting plans and defences in place, when not if a cyber-threat does happen, damage is minimised and the business can recover quickly.”

Walton says cyber governance best practice needs to be led from the boardroom and implemented into organisational culture.

Margaret Devlin, Institute of Directors Waikato branch chair, agrees cyber risk is enterprise wide.

“We’re living in an era where technology is an integral part of our daily lives, and directors need to consider the strategic opportunities this presents.”

The Institute of Directors last month launched a new course and practical guide to support directors. 

The new course, Leading in a Digital Era, focuses on the leadership role boards need to play in being successful in the current business environment, while the Cyber-Risk Practice Guide offers five principles to help boards understand and monitor cyber-risk.

Walton will share some of this knowledge and his views on who should be accountable, along with suggestions for cyber governance best practices, at the Waikato Institute of Directors cyber-security workshop today.

Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”
CylancePROTECT now available on AWS Marketplace
Customers now have access to CylancePROTECT for AI-driven protection across all Windows, Mac, and Linux (including Amazon Linux) instances.