Survey: Board Communications Face Increased Cybersecurity Risks
A Thomson Reuters survey reveals that corporate boards face growing cybersecurity risks due to the use of insecure communication methods and limited data encryption, with device theft and lost documents also a concern.

London/New York – Corporate boards are increasingly exposed to cybersecurity risks, according to Thomson Reuters' 2014 board governance survey. Despite a slight decrease in the volume of board information produced annually, boards commonly communicate through unsecure means and have minimal protections against security breaches. The survey found that one in ten organizations reported a board member's computing device being stolen or lost in 2014.
More than 200 corporate and company secretaries across various industries and regions participated in the survey. Key findings indicate that over half of organizations have experienced situations where board members left sensitive documents in public places or are aware of such instances. While 67% of corporate boards are very concerned about cybersecurity risk, only 44% claim to actively make decisions on the topic.
Encryption of board communications remains a significant vulnerability, with 60% of organizations reporting they never or only occasionally encrypt such information. A quarter always encrypt their communications. Furthermore, over half (56%) of board members still print and carry board documents, and 51% of organizations do not utilize a secure, purpose-built board portal.
Phil Cotter, managing director of Risk at Thomson Reuters, expressed alarm at the lack of safeguards for board information in the digital age. He criticized the fact that cybersecurity information is the least frequently requested by boards, creating uncertainty about their ability to oversee security management effectively, particularly if they do not stay informed on security matters.