It will come as no surprise that large cyber-attacks are bad for business. They are also bad for investments. They can lead devastating financial and reputational damage for a companies in an investors portfolio. Companies with a board of directors, which has one or two members with cybersecurity experience, can help reduce that risk. There’s already a shortage of cybersecurity professionals, so recruiting board members with cyber experience may sound like a tall order. However, the effort will signal to investors that the company takes its security seriously.
Following the Equifax breaches the Wall Street Journal reported that CEOs now fear “a career-ending cyberattack.” That’s a valid concern, as investors are not fans of being invested in companies that lose millions (or hundreds of millions) of dollars in cyber-attacks. Admittedly, cyber-attacks are going to happen to every company, but well-prepared companies are less likely to suffer catastrophic loses against preventable vulnerabilities. Those sorts of cyber-attacks are bad for all stakeholders, especially shareholders.
Cyber risk isn’t going anywhere.
That’s why companies have Chief Information Security Officers (CISOs) and information security teams, right? Yes, but as businesses naturally have competing priorities, there is value in signally to investors that cybersecurity is a priority. A lot of companies list cyber-attack as a risk in their annual reports, but board members with actual cybersecurity backgrounds make a more compelling statement as to how seriously a company takes its cybersecurity.
Board members with cybersecurity experience can add value for both management and investors. The Financial Industry Regulatory Authority (FINRA) points out, “The board plays a supervisory role, overseeing corporate activities and assessing performance.” Board members—with their fiduciary responsibility to shareholders—are in a special position to provide oversight to encourage the adequate prioritization of cybersecurity to protect shareholders’ investments.
Board members with cybersecurity experience can add value for both management and investors.
Cyber risk isn’t going anywhere. Cybersecurity Ventures predicts cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. While potential board members with cybersecurity experience may not be in excessive supply, they’re ability to provide oversight and signal security consciousness to investors makes those board members a valuable commodity. Companies, that are less likely to lose large sums of money due to cyber-attacks, are likely to provide safer returns for investors.
Stay vigilant.