Data Breach: The risk for Boards in 2018

Information shared among board directors is often highly sensitive and confidential. Hackers know the value of organization information and are constantly scheming ways to penetrate defenses and steal data. Board members and top company executives are responsible for ensuring the value and reputation of their business and brand. Today, the value is close to the increasing risk of data breaches.

The cost of cybercrime to the global economy
is predicted to hit US $ 6 trillion annually by 2021, up from US $ 3 trillion in 2015 1


There is no place for complacency in data security. In the first quarter of 2018 alone, three high-profile incidents made headlines, causing damage to the organization’s reputations:

Facebook misuses customer data. More than 300,000 Australians , what’s wrong with the social media giant data mining firm Cambridge Analytica to collect data from user profiles for commercial and political use.

Cabinet documents leaked to media . One of the biggest security breaches in Australia, confidential papers were leaked to the media after being found locked in a filing cabinet.

In the first six weeks of Australia’s new mandatory Notifiable Data Breaches (NDB) scheme was introduced on 22 February 2018, the number of reported breaches was almost half of the total recorded in the previous year, according to the Office of the Australian Information Commissioner . A total of 63 breaches were reported, compared to 114 voluntary reports in 2016-2017 .

The risk of reputational damage goes right up to the heart of organizational culture. Boards are uniquely placed to drive that culture and protect corporate reputations. It is the board that is under the spotlight when reputation is damaged.

Directors are aware of those risks and of the importance of data security. Surveys by the Australian Institute of Company Directors (AICD) are concerned about the growing threat of data breaches and the risk of reputational damage.

See how Diligent Messenger  can help ensure that you are using the best practices possible.

Cybercrime (19%) and data security (15%) are two of the issues keeping Australian directors awake at night, according to the AICD’s Director Sentiment Index for the second half of 2017. That puts cybercrime and data security in the top 10, ranking ahead of issues such as competitor behavior, digital innovation and attracting organizational talent. In a separate survey, the 2018 KPMG – AICD Trust Survey , more than one in five directors (22.9%) said that data management and cyber security is a critical issue for trust in their organization.


44% of companies say thatthey do not have to overall cybersecurity strategy and 48% do not have to effective cybersecurity Training and awareness program 2


Technology offers a multitude of benefits to work, but it also offers avenue for hackers and other criminals to attack. Now an integral part of everyday business practices, email and web access represents the largest cybersecurity risk.

The FBI estimates that compromised email accounts, where an attacker impersonates employees through social engineering or computer intrusion techniques in order to conduct unauthorized fund transfers, cost more than $ US5.3 billion between October 2013 and December 2016. Many such breaches are never reported ,

Protecting data has never been more crucial. Every organization must be aware of where its data is located and how it’s protected. Diligence Australia Vice President, Andrew Carrick, said: “Organizational need ongoing vigilance when it comes to protecting their information assets.” “If data security is just a box on a checklist or a letter annual update, directors and management can be in the dark about the risks they’re facing.”

The pace of cyber threats is relentless, and is evolving as fast or faster than the technology. With the number of attempted malicious attacks escalating, the cost to the incidents that penetrate their defenses is so increasing.

Ever wondered what happens during a cybersecurity attack? Watch a compelling discussion on a hypothetical cybersecurity data breach.

Although board directors acknowledge that the risk is increasing, there is much they still do not know. Most directors are not IT experts, nor do they need to be. To effectively oversee cyber risk management they must understand the changing digital environment. Without that insight, and the ability to benefit from new technologies, organizations risk being overtaken by their competitors.

While they need to consider cyber risk strategically, they must also have operational information. It’s essential for directors to know the key elements of their organization’s cyber risk protection and responses.

When hackers charge as little as $ 500 to hack the accounts of executives and board members, accessing a company’s intellectual property, it comes at a low fee for the attacker and high cost to the target of attack. With cyberattacks becoming more sophisticated and frequent, now is not the time for complacency. Can you be sure your organization’s information is secure?



1 Cybersecurity Ventures, 2017 Cybercrime Report, October 2017 Board Adoption trends in Singapore: Diligent Corporation and CSIS
2 Global State of Information Security 2018 report, PwC



Board Portal Buyer’s Guide

With the right Board Portal software, a board can improve corporate governance and efficiency while collaborating in a secure environment. With lots of board portal vendors to choose from, the whitepaper contains the most important questions to ask during your search, divided into five essential categories.

Featured Blog