Critical Update Needed: Cybersecurity Expertise in the Boardroom

by David Larcker, Peter C. Reiss, Brian Tayan
Citation
Title:
Critical Update Needed: Cybersecurity Expertise in the Boardroom
Author:
David Larcker, Peter C. Reiss, Brian Tayan
Year: 
2017
Publication: 
Stanford Closer Look SeriesFaculty & Research › Publications › Critical Update Needed: Cybersecurity Expertise in the Boardroom
Volume: 
CGRP69
Issue: 
November 16, 2017
Start Page: 
1
End Page: 
7
Publisher: 
Copyright © 2017 by the Board of Trustees of the Leland Stanford Junior University. All rights reserved
Language: 
English
URL: 
https://www.gsb.stanford.edu/faculty-research/publications/critical-update-needed-cybersecurity-expertise-boardroom
Select license: 
No License (All right reserved)
DOI: 
PMID: 
ISSN: 
Abstract:
By

 David F. LarckerPeter C. ReissBrian Tayan

Stanford Closer Look Series. Corporate Governance Research Initiative, November 
2017
AccountingCorporate Governance

The board of directors is expected to ensure that management has identified and developed processes to mitigate risks facing the organization, including risks arising from data theft and the loss of information. Unfortunately, recent experience suggests that companies are not doing a sufficient job of securing this data. In this Closer Look, we examine they types of cyberattacks that occur and how companies respond to them.

We ask:

  • What steps can the board take to prevent, monitor, and mitigate data theft?
  • What data, metrics, and information should board members review to satisfy themselves that management has taken proper steps to minimize cyber risks?
  • What qualifications should a board member have in order to constructively contribute to boardroom discussions on cybersecurity?
  • How difficult is it to find board candidates with these skills?
Comments
  • Recommend Us