A recent survey by the National Association of Corporate Directors (NACD) has revealed that although the vast majority (almost 90%) of directors at public companies say their board discusses cyber-risk regularly, only 14% of them have deep knowledge of cyber-risks.
So says Lutz Blaeser, MD of Intact Software Distribution, adding that over half of respondents (60%) said they find overseeing cyber risk a challenge. “Just over half of publicly listed companies, reported that cyber-risk oversight falls on the audit committee, and the vast majority (96%) of directors that took the survey said the full board takes on the big picture risks that could impact their organisation’s strategic direction.”
The survey, says Blaeser, also highlighted that the most common board cyber-risk oversight practices are reviewing the organisation’s approach to protecting its most critical assets, followed by reviewing the technical infrastructure used to protect those assets. Alongside all of this, the study said the cyber-threat landscape is becoming more complex and challenging, with a rise in nation-state attacks targeting both public and private sector organisations.
“In the event of a breach, the Association recommends that executives focus on several areas. Firstly, discussions around which data, and how much data, is the company willing to lose or have compromised are important, as it will help establish risk tolerance, and identify how much risk the organisation is willing to accept. Key to this discussion is identifying which information is crucial to the welfare and survival of the business, and which isn’t that important,” he says.
Next, they need to decide how cyber security investments and mitigation solutions should be allocated among basic and advanced defences. “When thinking about how to get a handle on more serious and complex threats, executives should train their most sophisticated defences on the company’s most critical data.”
At the same time, for less important data assets, businesses should consider accepting more risk than for higher-priority assets, as the costs of defence will more often than not exceed the benefits. “Boards should encourage management to look at infosec investments in terms of their ROI, and should also relook at ROI on a regular basis, as the costs of protection and the company’s asset priorities will change over the months and years.”
Blaeser adds that businesses across all industries and of all sizes have a plethora of security solutions available to them, all aimed at mitigating cyber risk and preventing breaches. “Add to this staff training, infosec and expert response services, which will add another layer of protection and expertise. It’s important to include these value-added services, and they highlight the necessity to move the cyber security discussion outside the IT department, and include the entire organisation.”
He adds that there is also cyber insurance these days, which helps to meet some of the costs associated with a breach, including financial losses, damage to equipment and similar. “It is very hard, however, to put a price tag on a security incident. Conducting an assessment is not easy considering the sheer number of factors involved. It’s hard to quantify what a loss of confidence will truly cost the business, or a loss of future business.”
About Intact Software Distribution
Intact Software Distribution is a dedicated software distributor focusing on providing a full range of security software solutions, coupled with the service performance and know-how of an experienced and specialised solution provider.
Intact Security provides a focused approach to support and technical knowledge transfer in association with the channel. Where required, the company assists with implementation of the products. Intact Security is specifically focused on customer satisfaction, providing an all-round peace of mind scenario which results in collaborative engagements facilitating clients’ needs and requirements.
Intact Software Distribution’s offering consists of the full Avira, G Data and StorageCraft ranges, as well as the Bitdefender and Kaspersky corporate products.
Intact Software Distribution
- The Saturday Night Show – Tales from my stethoscope | Bruna Dessena |#AdvancedLifeSupportParamedic |#Podcst |#PayItForward - January 21, 2021
- Oops….you exposed yourself! What’s up with What’s App? |#LTM | Craig Page-Lee |#Marketing | Podcast |#ebizradio - January 21, 2021
- Why you need to be agile in 2021 |#LTC |#Coaching |Meenakshi Iyer | Northstar at Work |#Podcast |#ebizradio - January 20, 2021
- The art of virtual B2B selling in 2021 | #TalkDigitalZA |#AudreyNaidoo |#ShelleyWalters | The Sales Counsel |#Podcast | #ebizradio - January 20, 2021
- What is SELF EFFICACY? |#LTC |#kevinbritz |#Coaching | Liezl Mari Reid |#Podcast |#ebizradio - January 19, 2021
- The thinking behind the launch of print weekly DM168 |Mike Stopforth |#OneEyedManPodcast |Styli Charalambous | Daily Maverick |#ebizradio - January 18, 2021
- Love your problems |#LTL |#Leadership | Dawn Rowlands |#Dentsu |#KevinBritz |#ebizradio |#podcast - January 18, 2021
- WHY CORPORATES HAVE TO ADJUST NOW! |#LTC |#Kevinbritz | Mpume Ncube-Daka |#ebizradio |#Podcast - January 13, 2021
- WHAT OWNS YOU? |#LTC |#Coaching |#Kevinbritz | Angela Hardy |#Podcast |#ebizradio - January 12, 2021
- Rethinking organisational design and effectiveness through CEOship |#OneEyedMan |Rowan Belchers | Lockstep |#ebizradio |#Podcast |#Mikestopforth - January 11, 2021