Rippling Cyberattacks Force Corporate Boards to Rethink Risk
Andrea Vittorio, Jake Holland
The Bloomberg Law article, "Rippling Cyberattacks Force Corporate Boards to Rethink Risk," quoted Russell Reynolds Associates Consultant Margot McShane on the importance of all board member having some degree of knowledge on cyber. The article is excerpted below.
Corporate boards, in the wake of cyberattacks on software providers SolarWinds Corp. and Microsoft Corp., are seeking out expertise from consultants, lawyers and associations that offer cybersecurity training—an oversight boost that could cushion them legally in the event they’re sued or penalized by regulators after a breach.
The recent hits have forced boards of directors to rethink cybersecurity challenges and their potential ripple effects as companies face mounting legal and reputational risks from costly hacks. The attacks also show how cyber incidents in a connected system can quickly spread to contaminate thousands of companies at once.
Director ExpertisePressure from within and outside companies to do more about cyber-risks has translated into benchmarking and self-evaluation from executives and the boards they sit on.
While some have called for corporate boards to add cyber experts to their ranks, others argue it’s better if all board members have an understanding of their company’s security profile and potential risks.
“Everyone on the board should be educated on cyber,” said Margot McShane, who co-leads board and CEO advising in the Americas for recruiting firm Russell Reynolds. “I don’t think they have to be expert.”
To read the full article, click here.