As part of the Government's Cyber Governance Health Check, a survey conducted by KPMG found a disparity between perception and reality in how seriously companies' board members take cyber-security.
According to the report released last week, despite 74 percent of companies believing that their boards were giving sufficient focus to cyber-security issues, only 24 percent of board members said they regularly reviewed the risk management of valuable company information and data assets. In fact, 65 percent admitted that they “rarely or never” did so.
Though the importance of improving security seems to be at the forefront of high-level discussions, only 16 percent said responsibility should lie with chief executive officers and 31 percent said chief financial officers (CFOs). Only 15 percent believed that the responsibility sat with the chief information officer (CISO).
“Cyber-security may be moving up the Board agenda but clear communication between boards and management remains patchy at best,” Malcolm Marshall, global leader of KPMG's cyber security practice, commented in an email to SCmagazineUK.com. “Regular board engagement on this issue is critical to ensuring companies remain alert to this growing threat.”