Company boards feel pressured to respond to cybersecurity-related risk — a trend that will lead to 40% of boards having a dedicated cybersecurity committee by 2025, Gartner predicts.
The research firm said that while less than 10% have a dedicated security committee overseen by a qualified board member today, this will rapidly increase as boards seek to make changes in response to the greater risk created by the expanded digital footprint of organisations during the COVID-19 pandemic.
Currently boards rank cybersecurity-related risk as the second-highest source of risk for the enterprise, behind only regulatory compliance risk. In addition, few directors feel confident that their company is properly secured against a cyber attack.
“To ensure that cyber risk receives the attention it deserves, many boards of directors are forming dedicated committees that allow for discussion of cybersecurity matters in a confidential environment, led by someone deemed suitably qualified,” Gartner Research Director Sam Olyaei explained.
“This change in governance and oversight is likely to impact the relationship between the board and the chief information security officer…
