VLP Partner Melissa Krasnow Quoted in Private Company Director on Cybersecurity Oversight
Posted on Jan 24, 2020 in Privacy, News by Melissa Krasnow
VLP Partner Melissa Krasnow was quoted in the Private Company Director article “Private Company Boards Dropping Cybersecurity Oversight Ball.”
The article described a ransomware attack on a private company and findings from the National Association of Corporate Directors 2018-2019 Private Company Governance Survey (the “NACD survey”) and the 2019 Cost of a Data Breach Report by IBM Security and Ponemon Institute (the “IBM-Ponemon report”).
According to Ms. Krasnow: “The topic of cyberattacks is front of mind with private company directors” and the companies that handle cybersecurity best are those that are committed to dealing with it: “They say, ‘This is an issue we need to address,’ and they get together a cross functional team. They’re transparent so all are aware of the process, not just one person.”
Expert recommendations for boards wishing to limit risk include the following:
• According to the NACD survey: put cybersecurity on the agenda as a recurring item and directors should regularly assess how management is responding to new weaknesses.
• According to the IBM-Ponemon report: invest in programs to create a system that satisfies governance requirements, evaluates risk across the organization and monitors governance compliance.
• Develop strong internal and external communication systems so directors are constantly in the loop and hearing from a variety of people in the organization.
• According to Ms. Krasnow: make sure someone in the company knows what the organization’s contractual obligations around cybersecurity and data privacy are.
• According to the NACD survey: encourage the company to join industry task forces to keep abreast of threats and incidents.
To read the entire article, click here.Share