Cybersecurity: a major concern for boards of directors in 2017
The emergence of new technologies and their daily use has certainly changed the way organizations do business. These organizations have to adapt to the digital tools that affect their global strategies; from traditional means of communication with their customers to the implementation of solutions for enhancing productivity and doing so at different organizational levels of the company.
The evolution of the “connected” world paved the way for the creation of many start-ups, which we now know as multinational companies that shape our everyday lives, such as social media. Nevertheless, some of these digital tools may also cause serious harm to a company.
The number of cyberattacks against organizations is on the rise
With new technologies come cyber risks. Over the last few years, many cyber attacks against organizations around the world have been identified. One of the most important was the disruption denial-of-service (DDoS) attack that was felt on both sides of the Atlantic. In fact, this cyber attack affected some of the most popular sites on the web, including Netflix, Twitter and Spotify sending them offline for several hours. This cyber attack did, however, draw the attention of board members and executives by identifying a significant lack of implemented programs dedicated to cyber security.
In his article published in Le Journal Les Affaires, Cyberattaques: l’escalade continue, Alain Mckenna pointed out that the number of cyber attacks around the world continues to increase and the number of threats experienced by organizations has increased continually over the last two years. More than 80% of companies in Canada and in France were subject to at least one cyber attack in 2015, according to a survey conducted by Imperva. This raises the following question: could your company handle these kinds of cyber threats?
Digital tools as a catalyst for cyber security
Growing more sophisticated everyday, we know that these cyber attacks can have devastating consequences and cause irreversible damage to organizations. Usually, better corporate governance would prevent severe damage, but it is also necessary to implement internal training sessions in order to raise awareness among the organization’s staff about managing cyber risks. That being the case, developing data security programs would help to prevent these cyber threats but it is also crucial that board of directors take the importance of cyber security into account.
The use of digital tools like the paperless board portal then become indispensable for boards of directors. In fact this kind of digital tool provides a highly secure database for board and committee content, thanks to the different security levels it provides, from strong password policy to internal and external security audits and finally encrypted hosting of documents.
The DiliTrust Exec Board portal meets the most stringent international information security standards (ISO 27001) and supports an archiving and backup policy that manages data access. Data protection for boards and committees is a major concern for board members, just as important as the public reputation of the organization or complying with laws and legislations. In the not so distant future, every organization will adopt strict rules in terms of data security, requiring organizations to protect their data to respect established international standards; standards that DiliTrust Exec already has in place.
Moreover, the use of such digital tools raises the obvious question of data security in terms of data hosting and localisation. According to an article published on Equity’s company blog, “Digital sovereignty of data is now a major concern for organizations, especially with the growing popularity of cloud storage providers, which use servers spread across the globe (…) and documents about strategies and management of an organizations can be exposed to foreign legislation, without board members and executives knowing about it.”
If this is the major concern in your decision-making process for adopting a paperless board portal dedicated to boards and committees, you should think about it when you choose your board portal provider. Choosing an American board portal provider means that your data is potentially at risk, especially because your data would be subject to American legislation and the U.S Patriot Act. Here is an example of such a case: a few weeks ago, a federal judge ordered Google to give the FBI their clients’ emails including those stored outside of the United States. The question is: will this become a common practice with the newly elected president…