Cyber-criminals know few ethical restraints and stealing from religious organisations certainly isn’t one of them. In recent years they’ve shifted their targets from banks, finance companies and big businesses to schools, hospitals and churches. This is because their goal has changed: personal data, which can be used in identity theft, can be just as valuable as access to an organisation’s bank accounts.
The consequences can be dire. Just this year, Nagle Catholic College in Geraldton, WA was compromised. Someone within the organisation unwittingly opened an email containing ‘malware’, which led to a significant data breach.
Over the course of four days, the criminals stole parents’ bank details and signatures. As soon as the school detected the attack, it notified its community, who duly cancelled credit cards, blocked accounts and took what steps they could to secure their finances and personal information.
In response, the school has reviewed its cybersecurity practices and engaged a team of cybersecurity experts, but the damage had already been done. Stolen credit card details, for example, might not be used to make purchases or transfer funds, which can delay the realisation that they have been compromised. Instead, as noted above, they may be used to assist with identity theft, a far more insidious and, over the long term, far more harmful practice.
Several schools in the area were attacked, indicating an organised approach by determined criminals. Which raises the question: What can a school – or a church – do?
Governance is the answer
‘Cyber security’ is only part of the answer to this question because good security is rooted in good governance. Corporate governance is critical for any organisation, and boards must adapt quickly to ensure they have the right strategies, tools and reporting structures in place.
The board must establish a security strategy before any but emergency measures are put in place. This includes setting goals, assigning responsibilities and allocating resources to ensure its success.
Operationally, it means having the right tools on hand to gather information, collate and analyse it, and securely distribute it to the board so performance can be monitored and well-informed decisions made.
However, good governance has benefits beyond better security management. In particular, adopting an effective board governance platform provides a ‘halo’ of additional benefits that reach across the entire organisation.
Catholic Super: governance to the rescue
Catholic Super is one of Australia’s oldest superannuation funds. Established in 1971, it has some 75,000 members and around $9.7 billion in funds under management.
The Financial Services Royal Commission was a watershed event for the industry, and Catholic Super was drawn into its remit to answer conflict of interest questions about a proposed merger with another fund.
Following the Royal Commission, and the Productivity Commission’s separate report (that recommended regulatory changes), Catholic Super has agreed to a merger with Equipsuper.
The merger process put its governance systems under pressure – and showed just how much a comprehensive governance platform could streamline a complicated process. More importantly, it can protect confidential information, ensure its accuracy, and assist boards in making their most important decisions.
Catholic Super had been using a conference papers app, but the developer went out of business, and the IT team realised the organisation needed a more modern solution – Diligent Boards.
With key features including secure messaging, a resources centre to hold critical documents, and the ability to create comprehensive board packs on the fly, it proved a crucial advantage during the merger process.
With extra board meetings in 2017 and six extraordinary board meetings in 2018, the ability to pull papers together at short notice (around five minutes, in some cases), combined with secure communication and collaboration tools, ensured Board members had accurate, up-to-date information at their fingertips.
Diligent: the only Modern Governance Solution
Good governance isn’t just one thing – so why buy software that only manages your board documents? Diligent empowers leading organisations around the world to turn good governance into good security and good business performance.
Governance hasn’t always kept up with the fast pace of change. Infrequent meetings, the use of paper for records and materials, and using unsecured communication tools for sensitive data have exposed numerous organisations to risk.
We call our approach ‘Modern Governance’ – the practice of empowering leaders with the technology, insights and processes required to fuel good governance. It addresses core needs including speed, visibility and security by putting tools and intelligence at executives’ and board members’ fingertips, so leaders have the information and insights they need, whenever (and wherever) they need them. It’s a powerful way to restore order, accountability and trust to any organisation.
If you are ready to speak to a Governance Expert at Diligent, please get in touch.
Board Portal Buyer’s Guide
With the right Board Portal software, a board can improve corporate governance and efficiency while collaborating in a secure environment. With lots of board portal vendors to choose from, the whitepaper contains the most important questions to ask during your search, divided into five essential categories.
January 29, 2021
Business Continuity Strategy: Options, Best Practice Approaches and Examples
There’s no shortage of things to consider when you’re upgrading your business continuity strategy. For instance: What should your plan cover? What are the critical inputs to the business continuity strategy? What are the different approaches and solutions available? What should the recovery strategies look like within your business…
September 7, 2020
Avoiding Cyber Confusion in the Board Room
It is imperative that Directors understand the cyber risks facing their companies and organisations. The increasingly complex internal and external landscape presents unique challenges for Boards. Several key steps can however significantly increase the cyber resilience of any company or organisation, irrespective of size. The article outlines five key steps…
August 20, 2020
Minimising the Risk of Virtual Meetings: 5 Practices Boards Should Avoid
Months into the COVID-19 lockdown, remote workers—and board members—have become more accustomed to virtual meetings. They’ve found a quiet place in the house, mastered the mute and camera buttons, and fully styled their background bookcases and “Zoom couture.” Yet as virtual work becomes a way of life, not all adaptive…