Data breaches and cyber-attacks continue to represent important threats to businesses of all shapes and sizes. High-profile data breaches have prompted heightened regulatory, shareholder, and public scrutiny of boardroom preparedness. While the importance of cybersecurity at the Board level may be obvious, it is often difficult to translate that awareness into concrete steps that should be taken.
The Threat
Cyber criminals target organizations for many reasons and through different means. However, their motivation for doing so is often very simple: making easy money. They rely on hacks, data viruses, scams, skimming, data sharing by disgruntled employees and data farming as means to either extort payment from organizations or sell the stolen data on the “dark web”. The data they steal can range from customer and employee information, to intellectual property (including trade secrets, business plans, source code, etc.), and other confidential information.
If successful, the cybersecurity incident can have a significant and long-lasting impact on the victim organization. This can include operational disruption, financial loss, regulatory investigations, shareholder and…