Corporate Governance

Governance and security: casting the cyber-thieves out of the temple

Cyber-criminals know few ethical restraints and stealing from religious organisations certainly isn’t one of them. In recent years they’ve shifted their targets from banks, finance companies and big businesses to schools, hospitals and churches. This is because their goal has changed: personal data, which can be used in identity theft, can be just as valuable as access to an organisation’s bank accounts.

The consequences can be dire. Just this year, Nagle Catholic College in Geraldton, WA was compromised. Someone within the organisation unwittingly opened an email containing ‘malware’, which led to a significant data breach.

Over the course of four days, the criminals stole parents’ bank details and signatures. As soon as the school detected the attack, it notified its community, who duly cancelled credit cards, blocked accounts and took what steps they could to secure their finances and personal information.

In response, the school has reviewed its cybersecurity practices and engaged a team of cybersecurity experts, but the damage had already been done. Stolen credit card details, for example, might not be used to make purchases or transfer funds, which can delay the realisation that they have been compromised. Instead, as noted above, they may be used to assist with identity theft, a far more insidious and, over the long term, far more harmful practice.

Several schools in the area were attacked, indicating an organised approach by determined criminals. Which raises the question: What can a school – or a church – do?

Governance is the answer

‘Cyber security’ is only part of the answer to this question because good security is rooted in good governance. Corporate governance is critical for any organisation, and boards must adapt quickly to ensure they have the right strategies, tools and reporting structures in place.

The board must establish a security strategy before any but emergency measures are put in place. This includes setting goals, assigning responsibilities and allocating resources to ensure its success.

Operationally, it means having the right tools on hand to gather information, collate and analyse it, and securely distribute it to the board so performance can be monitored and well-informed decisions made.

However, good governance has benefits beyond better security management. In particular, adopting an effective board governance platform provides a ‘halo’ of additional benefits that reach across the entire organisation.

Catholic Super: governance to the rescue

Catholic Super is one of Australia’s oldest superannuation funds. Established in 1971, it has some 75,000 members and around $9.7 billion in funds under management.

The Financial Services Royal Commission was a watershed event for the industry, and Catholic Super was drawn into its remit to answer conflict of interest questions about a proposed merger with another fund.

Following the Royal Commission, and the Productivity Commission’s separate report (that recommended regulatory changes), Catholic Super has agreed to a merger with Equipsuper.

The merger process put its governance systems under pressure – and showed just how much a comprehensive governance platform could streamline a complicated process. More importantly, it can protect confidential information, ensure its accuracy, and assist boards in making their most important decisions.

Catholic Super had been using a conference papers app, but the developer went out of business, and the IT team realised the organisation needed a more modern solution – Diligent Boards.

With key features including secure messaging, a resources centre to hold critical documents, and the ability to create comprehensive board packs on the fly, it proved a crucial advantage during the merger process.

With extra board meetings in 2017 and six extraordinary board meetings in 2018, the ability to pull papers together at short notice (around five minutes, in some cases), combined with secure communication and collaboration tools, ensured Board members had accurate, up-to-date information at their fingertips.

Diligent: the only Modern Governance Solution

Good governance isn’t just one thing – so why buy software that only manages your board documents? Diligent empowers leading organisations around the world to turn good governance into good security and good business performance.

Governance hasn’t always kept up with the fast pace of change. Infrequent meetings, the use of paper for records and materials, and using unsecured communication tools for sensitive data have exposed numerous organisations to risk.

We call our approach ‘Modern Governance’ – the practice of empowering leaders with the technology, insights and processes required to fuel good governance. It addresses core needs including speed, visibility and security by putting tools and intelligence at executives’ and board members’ fingertips, so leaders have the information and insights they need, whenever (and wherever) they need them. It’s a powerful way to restore order, accountability and trust to any organisation.

If you are ready to speak to a Governance Expert at Diligent, please get in touch.

Board Portal Buyer’s Guide

With the right Board Portal software, a board can improve corporate governance and efficiency while collaborating in a secure environment. With lots of board portal vendors to choose from, the whitepaper contains the most important questions to ask during your search, divided into five essential categories.

Featured Blog