The World Economic Forum's Global Risks 2015 report included a worldwide warning to all companies: 90% of companies worldwide recognize they are insufficiently prepared to protect themselves against [cyber attacks].
What many directors and company secretaries fail to realise is that the foundation of effective cyber risk awareness is just a matter of good corporate governance. With mandatory data breach reporting now almost inevitable in Australia and already in place in the United States and some parts of Europe, it is no longer appropriate to push responsibility for cyber compliance on to an IT department or technology provider.
Boards can no longer delegate their duties without understanding and actively managing the real risks associated with cybersecurity.
While we are yet to see an Australian cyber breach that takes directors to court, changes to the Privacy Act 1988 (Cth) as well as an increasing "cyber awareness" from regulators such as the Australian Securities & Investments Commission (ASIC) and Australian Prudential Regulation Authority (APRA), firmly place cyber risk issues on the agenda for directors and officers.
Click here to view or download.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances. Madgwicks is a member of Meritas, one of the world's largest law firm alliances.
We operate a free-to-view policy, asking only that you register in order to read all of our content. Please login or register to view the rest of this article.