Board members and executives are not taking enough precautions when executing board communications, according to a new report. A survey conducted by Diligent Corporation found that while 87% of firms are concerned with the security of their board communications and data sharing, more than half (55%) of their board members still use personal email for board communication, exposing themselves and the boards to potential cyberattacks.
'Technology is outpacing the speed of organizations' governance practices and their ability to modernize them,' said Brian Stafford, CEO of Diligent Corporation. 'The Forrester report underscores the need for board members to quickly evolve and streamline how they communicate and collaborate, especially as they truly oversee the cybersecurity policies of the organization.'
Listen to Brian Stafford's Interview Below
In this survey, Forrester Consulting conducted research targeting board members, general counsels and administrators from 11 countries to better understand the current global state of governance amidst rapid technological disruption. Having access to more boardrooms than any other company, Diligent is uniquely positioned to provide insight into businesses' cyber risk, regulation and culture practice - as well as how these critical governance areas can be improved.
Pervasive data management vulnerabilities
As technology revolutionizes businesses, boards will need to improve their governance practices to eliminate risky communications practices. Two-thirds of boards use unsecured communications methods and only 42% use board management software with email or messaging function capability. Nearly 30% of board members admit to losing or misplacing a mobile phone, tablet or laptop in the past year, making the loss of sensitive information the most common security breach. An additional 23% admitted to losing or misplacing paper assets.
These findings understandably contribute to 87% of boards expressing concern about their ability to secure their communications and data. Furthermore, most boards have yet to successfully implement an Enterprise Governance Management (EGM) solution to oversee cyber risk or potential corporate crises.
Governance reaches an inflection point
Right now, only 16% of board members and governance professionals think technology has improved their ability to understand areas of risk. While board members realize what their role within the organization is, it is up to them to drive good governance throughout. Recent laws, such as the General Data Protection Regulation (GDPR), highlight this key responsibility, as nearly half of global firms surveyed stated that they struggle with securing documents and meeting compliance requirements. The data also revealed that 37% of board members believe board management technology could help ensure that compliance requirements are met.
'The Forrester survey data reaffirms that board members are taking strides to keep up with the business environment around them, particularly as cyber threats become more commonplace. As the watchdogs of organizations, board directors should take it upon themselves to practice the same security precautions they ask of the companies they oversee. Simply put, it is up to them to provide the oversight and protect their organizations,' concluded Stafford.
How boards can leverage disruptive technologies to drive value
Diligent also found that there is an opportunity for boards to better leverage the technologies that drive organizational insights, offering greater, more secure governance practices. Seventy-one percent of written reports received before meetings are often one or more weeks old, highlighting the need for increased adoption of digital tools.
While end-to-end digital governance is no small feat, software that operates outside the boardroom will be imperative to drive more impactful governance. Board members are looking for technology to organize, facilitate and secure the data-sharing process to achieve greater EGM solutions.
Diligent found that the adoption of technological solutions is slower than expected, as technology solves less than a third of governance responsibilities today. Surprisingly, education and training are not seen as the solution, with only 10% of respondents indicating access to education and training materials as a solution to help them do their jobs better.