Boardrooms failing on data security finds Thomson Reuters

With the volume of information in organisations increasing, outdated procedures are creating gaps in security

Data security controls in the boardroom are not up to scratch, according to the latest research from Thomson Reuters.

Thomson Reuters' 'Board Governance' survey shows that board communications are becoming increasingly complex, yet "outdated board procedures, unsecure distribution channels and costly board materials are all contributing to increased security gaps", says the report.

The Thomson Reuters survey covered more than 125 general counsel and company secretaries across a wide-ranging cross-section of industries and geographies globally.

It builds on a survey of similar respondents conducted in September 2012, so presents year-on-year trends and developments. Findings from the latest report include that over 67 percent of respondents admit they do not know if their board members destroy all print copies of board materials.

Also, 62 percent of respondents had heard of situations where board members have left sensitive information in public places, representing a 12 percent increase compared to last year.

And over three-quarters of organisations utilise unsecure, personal email accounts to distribute board documents, and almost half do not ensure board communications are encrypted.

While data insecurity worsens, the survey found that board books and volumes of information continue to grow. On average, board books are 179 pages in length according to respondents, compared to only 116 pages in 2012.

This amounts to 16,010 pages of board material each year, representing a 67 percent uplift from the average of 10,000 pages reported last year year.

The chance of data leaks is also increasing as the number of board members per organisation rises, with 43 percent now having more than 11 board members, rising from 29 percent in 2012.

Almost half of boards still rely on paper-based board books. There was a slight decrease in the number of respondents who distributed their board books electronically, despite an increase of members being located across borders.

But there has been an increased focus on risk oversight, with 84 percent of respondents saying their board actively set "a risk culture and cascaded its risk policy to management". This is a significant increase from 2012 where only 57 percent of respondents said the same.

"Corporate governance is becoming increasingly complex due to demanding regulatory requirements and scrutiny on organisations' compliance," said Chris Perry, managing director for risk at Thomson Reuters. "In this time of heightened risk, it is extremely important for companies to protect their organisation from reputational damage."

Tags ReutersThomson ReutersThomson

Show Comments