
Cyber Governance Benchmarking

By Randi Morrison posted 10-18-2018 10:47 PM

  

BDO's fifth annual survey of 145 public company directors conducted in July and August 2018 reveals these and other indicators of continuing stepped-up board focus on cybersecurity oversight:

  • 72% of respondents reported increased board involvement with cybersecurity now compared to a year ago.
  • 32% of directors report being briefed on cybersecurity at least quarterly; 54% are briefed at least annually. While the 9% reporting no briefings at all is on par with last year, this still represents a significant decline from the 29% who reported no briefings in 2014's survey.
  • 75% of directors say their company has increased its investment in cybersecurity during the past 12 months.
  • 73% of respondents indicated that their organizations require 3rd-party vendors to meet certain cyber risk requirements (up 30% from 2016).
  • 79% of directors say their companies have an incident response plan in place - compared to 61% last year.

And here is how directors say their companies have responded to the SEC's updated guidance on cyber disclosure obligations & internal controls:



See also BDO's release, this Corporate Counsel article, last year's report, our initial report on the AICPA's cyber reporting & attest framework, and numerous additional cybersecurity resources including additional benchmarking data, how to effect the board's oversight responsibilities (inclusive of reporting to the board), incident response plan components and other practical "how to" guidance.

This post first appeared in this week's Society Alert!