Duke University Professor, Campbell Harvey, has already identified SWIFT, the global system for secure financial communications, as a potential target for Russian cyber warfare, noting that there is no ‘viable backup system in place.’ Although SWIFT is well defended, a cyberattack would potentially leave many organisations exposed.
It’s a timely reminder that, while once considered a niche skill, being fluent in technology is now a core necessity for directors. It is no longer enough to have IT support on speed dial, and ‘out of scope’ will not absolve directors from responsibility.
Feeling a little unprepared right now? You are not alone.
Our Future of the Board report found cyber security and data privacy and understanding the risks of new technology, governance and compliance are set to be the major technological disruptors by 2025.
So here’s a shortlist of some steps you can take immediately to reduce your cyber risk:
- level up
- be vigilant
- insist on best practice — don’t just encourage it.
It’s time for you to evolve into the tech-savvy version of yourself because that is the leader your organisation needs. Take the small steps now to start that chain reaction. Expand your reading list, learn the terminology, and start attending cyber information sessions.
We recently held a webinar focusing on changes to privacy and cyber legislation, led by an expert panel across different sectors. With more than 300 registered to attend, it was one of our strongest events so far this year. The consistent message across the panel was: ‘keep it simple.’ IAG’s Company Secretary, Jane Bowd had this advice for directors: ‘Any deficient action by a board as opposed to taking no action at all is the worst offence… ASIC does not demand perfection for companies, but they do want to see progress and attention being paid.’
We will keep holding a microscope to technology issues this year, with our 2022 major thought leadership project set to provide a roadmap to help boards and senior management address the challenge of incorporating technology into their role and how they can best leverage the opportunities it offers. Stay tuned for more on this later in the year.
With cyber-attacks and phishing expeditions becoming increasingly sophisticated, it’s essential to stay up to date with the current trends. Keeping cyber security on your radar when you operate is what is going to instil cyber awareness as a habit. The Australian Cyber Security Centre has published resources and strategies that are tailored to suit the size of all organisations.
Adopt Professor Harvey’s thinking about SWIFT, what systems in your organisation are essential to your business, and what is your plan B?
Insist on best practice
Set your standards high. Cyber awareness is not just a buzzword, it’s an evolving conversation — and an imminent risk. Do you use a multi-factor authentication system? How often are your security systems being externally audited, and would they pass muster?
Work with your IT department to fortify your employees against cyber-attacks and acquaint yourself with guides to best practice.
Tech is moving so fast that not being across these issues will not only slow your organisation down but will potentially leave it open to a serious cyber-attack. There has certainly never been a better time to skill up and bring a new level of IT knowledge to the board room table.