With so many high profile data breaches in the public eye recently, cyber security is now front and center in many organizations. Globally cyber attacks and data leaks are daily threats to organizations, reminding everyone that we are all potential targets. Attorneys are warning about potential individual liability for corporate directors who do not take appropriate responsibility for oversight of cyber security while investors and regulators are pushing boards to step up their oversight. As a result, corporate boards have woken up to the call that they must address cyber security issues on their front lines, as it is no longer just an Information Technology issue.
A “belt and braces” approach to security must stop at the top – boards must start by focusing their own communications and materials as part of their comprehensive cyber risk management. Communications through insecure means, loss or theft of board computing devices, lack or occasional encryption of board communications, and printed copies of board documents can result in loss of intellectual property, client lists or commercially sensitive business data, legal expenses, loss of reputation and time loss.
In this digital age boards must have structures in place to safeguard their information from cyber security threats. Data-centric security can be a sure way to help boardroom materials and communications. By encrypting sensitive board files and applying persistent security policies to protect them regardless of where they are or their format. Below are some of the advantages to data-centric security:
• Encryption and policy based control of board files
• Ability to securely share files
• Granular control of who can View, Edit, Print and take a Screen Capture
• Ability to limit access time and number of devices
• Ability to revoke access to sensitive files immediately regardless of location
• Ability to trace and control user and file activities in real-time
Considering the significant impact posed by a potential cyber breach, boardroom engagement with cyber risk management must be a top priority starting with the securing of the board’s own communications and board materials.