How to secure board engagement in strategic cyber discussions

Businesses that do not invest in cybersecurity face the risk of huge financial and reputational damage.

The pandemic has raised the threat of cyber attacks for businesses. Many reports show an alarming increase in incidents in the last year, with the attack methods of cybercriminals becoming increasingly sophisticated. Despite this, boards are still not taking the initiative when it comes to cybersecurity.

With this in mind, Ash Patel, Head of Cyber at ECI Partners, the leading growth-focused mid-market private equity firm, who advises the boards of the portfolio on how to identify and understand the scale of the cyber risks they face, shares his thoughts on how businesses can mitigate the cyber risks facing their operations.

Why CEOs should care?

Four in 10 businesses suffered a breach or attack last year; of those, more than a third reported negative impacts, ranging from financial loss to business disruption. However, the consequences of a cyber attack go well beyond that, businesses could face:

  • Loss of crucial intellectual property to a rival, allowing them to secure a competitive advantage
  • Punitive regulatory sanctions with fines of up to 2% of a company’s global revenues, as mandated under the General Data Protection Regulation (GDPR)
  • Reputational damage and loss of customer revenue with more than one in four consumers stating they would stop doing business with a company following an incident compromising their data security or privacy

Ash Patel, Head of Cyber at ECI Partners, comments: “The financial and reputational fallout from a cyber attack can create huge problems for mid-sized businesses. And with cybercrime showing no signs of slowing down, it’s imperative that businesses understand the threat and are proactive in mitigating the dangers.”

“Tackling these risks is not a one-size-fits-all approach. Businesses need to identify the gaps in their own cybersecurity defences, make their own decisions about acceptable risks, and find the right strategies to counter them.”

How CTOs can push cybersecurity up the board agenda

In order to truly protect the business from breaches and attacks, it’s important that the board makes cybersecurity a priority. CTOs have a responsibility to make this happen, and the best way of achieving this is:

  1. Talk to boards in the language of the business
    Technical IT jargon is far less likely to resonate strongly with the board than a discussion about how cyber attacks threaten the business’s value story.
  1. Focus on future proofing as well as today’s operations
    It is important to not overlook the threat that cyber poses to innovation. Boards’ efforts to pursue a digital agenda may be undermined by cyber risk if it is not properly understood and planned for.
  1. Concentrate on areas of weakness
    Conducting cyber gap analysis, which focuses on the areas of risk where controls are often weaker and take steps to mitigate these specific risks. For example, the human link is often one of the weakest, so firms should invest in regular staff training to mitigate these
  2. Learn from experience
    Spend time discussing incident reports with the board, focusing in particular on what the company has learned – and what is required to prevent a reoccurrence of that type in the future
  1. Agree on targets and monitoring
    With a set of key performance indicators included in each board pack, the board will have a clear view of how the company is performing and where they might need to divert more resource to

Ash Patel continues: “Cybersecurity, and the risk management associated with it, is and should be a board-level responsibility. For businesses that don’t have their own cyber team or specialist, it falls to the CTO to work with the board, to educate them on the risks, strategy, performance indicators and reporting.”

“Once CEOs and the board have a full grasp of cyber in context of their business, they will be better equipped to not only protect against and properly handle potential attacks, they will also be able to pursue the business’s digital transformation and growth priorities.”

For more news from Top Business Tech, don’t forget to subscribe to our daily bulletin!

Follow us on LinkedIn and Twitter

Amber Donovan-Stevens

Amber is a Content Editor at Top Business Tech

How E-commerce Marketers Can Win Black Friday

Sue Azari • 11th November 2024

As new global eCommerce players expand their influence across both European and US markets, traditional brands are navigating a rapidly shifting landscape. These fast-growing Asian platforms have gained traction by offering ultra-low prices, rapid product turnarounds, heavy investment in paid user acquisition, and leveraging viral social media trends to create demand almost in real-time. This...

Why microgrids are big news

Craig Tropea • 31st October 2024

As the world continues its march towards a greener future, businesses, communities, and individuals alike are all increasingly turning towards renewable energy sources to power their operations. What is most interesting, though, is how many of them are taking the pro-active position of researching, selecting, and implementing their preferred solutions without the assistance of traditional...

Is automation the silver bullet for customer retention?

Carter Busse • 22nd October 2024

CX innovation has accelerated rapidly since 2020, as business and consumer expectations evolved dramatically during the Covid-19 pandemic. Now, finding the best way to engage and respond to customers has become a top business priority and a key business challenge. Not only do customers expect the highest standard, but companies are prioritising superb CX to...

Automated Testing Tools and Their Impact on Software Quality

Natalia Yanchii • 09th October 2024

Test automation refers to using specialized software tools and frameworks to automate the execution of test cases, thereby reducing the time and effort required for manual testing. This approach ensures that automation tests run quickly and consistently, allowing development teams to identify and resolve defects more effectively. Test automation provides greater accuracy by eliminating human...

Custom Software Development

Natalia Yanchii • 04th October 2024

There is a wide performance gap between industry-leading companies and other market players. What helps these top businesses outperform their competitors? McKinsey & Company researchers are confident that these are digital technologies and custom software solutions. Nearly 70% of the top performers develop their proprietary products to differentiate themselves from competitors and drive growth. As...

The Impact of Test Automation on Software Quality

Natalia Yanchii • 04th October 2024

Software systems have become highly complex now, with multiple interconnected components, diverse user interfaces, and business logic. To ensure quality, QA engineers thoroughly test these systems through either automated or manual testing. At Testlum, we met many software development teams who were pressured to deliver new features and updates at a faster pace. The manual...