These days it is the rare news cycle that goes by without referencing the latest cyber-related data breach to impact some fill-in-the-blank, well-known consumer-based company. Long gone are the days where executives and Board members did not worry about cybersecurity for their respective organizations, but incredibly too many of them continue to admire the problem or pretend that 'it won't happen to us' until, well, it does. So, what can be done about it? The answer, consistent with traditional views of corporate governance best practices, is to engage in due diligence'proactive action by asking the right questions to the appropriate personnel both internally within the company, as well as externally. The common denominators of good cybersecurity preparedness, regardless of size, scope, or industry, are front-end assessments, planning, and testing.
Steven Grimberg & Mark Ray,
A Call to Action: Cybersecurity Due Diligence in Today's Business Climate,
Emory Corp. Governance & Accountability Rev.
Available at: https://scholarlycommons.law.emory.edu/ecgar/vol5/iss2/1