When an executive or board director sends you a message from their personal email account, does that send up a red flag for you? How many times have you simply hit reply or reply all without giving it a second thought? Have you considered that the original email or any of the responses to it may have contained sensitive or confidential information?
The topic of cybersecurity has been an important one in board circles. Nearly all board directors and executives have been concerned about data breaches and cybersecurity for some time. While most corporate leaders can appreciate the seriousness of data breaches, many of them haven’t necessarily linked their thought processes to their own electronic communications practices. What all boards should be using in today’s business world is a secure communications app.
Cybercrime is becoming increasingly sophisticated and it’s growing in frequency and number. This is a valid reason for board directors to be sending sensitive governance communications through highly secure communication channels.
According to HealthcareDive, nearly 32 million records of medical patients were breached in the first six months of 2019 alone. That’s twice the number of records that were breached in all twelve months of 2018, which amounted to over 15 million patient records. A Protenus report also states that the number of incidents that were disclosed rose between January and June of 2018 to a total of 285 breaches. Another eye-opening statistic is that there’s been at least one health data breach per day since 2016. About 59% of the breaches were due to hacking and 21% were due to insider error or wrongdoing. About 9% of the incidents were due to loss or theft and the cause of the remaining incidents were unknown.
The more complex technology becomes, the more difficult it is to prevent and recover from cybersecurity incidents. In some cases, hackers are even targeting specific board directors or C-level executives.
Top 3 Reasons Boards Need a Secure Communications App
The top 3 reasons that boards need a secure communications app is because of the high risk of data breaches, loss of operational time while dealing with a crisis, and the risk of compliance violations. These issues together could place the entire organization’s reputation at risk.
- High Risk of Data Breaches
Yahoo! has successfully been targeted by hackers more than once. The breach that was disclosed in 2016 just settled for a mere $117.5 million. Hackers found their way into Yahoo!’s user database and stole information on over 3 billion Yahoo! accounts, and this is considered the largest hack in history. Yahoo! users that had accounts between January 1, 2012, and December 31, 2016, were affected. Among the information that was stolen was names, email addresses, birthdates, security questions and answers, and passwords.
- Dealing with Crises Cost Time and Money
Dealing with an unexpected crisis costs your business time and money while you’re dealing with the crisis. According to a study that was cited in the Economist about the eight most notable crises in 2010, those companies are worth 30% less today, on average. This percentage was based against their peers.
- Risk of Compliance Violations
GDPR was the first law of its type to protect consumers by giving them some control over how their personally identifiable information could be transferred. Other laws like it are under consideration in the United States and in other countries abroad. When personally identifiable information is at risk of being stolen, it decreases the confidence of the shareholders, vendors, and customers. With so much at stake, profit margins are bound to drop and the organization’s good name goes with it.
How to Get Board Directors and Executives to Use Secure Communication Apps
Board management software, communications policies, and awareness are the keys to getting board directors and executives to use secure communication apps without exception.
Cybersecurity has been a major topic in boardrooms and that discussion should be a natural segue into the importance of never sending a board-related email through a personal email account. Considering that most board directors travel a lot and rely heavily on their mobile devices, they need to be reminded of the risks of sending secure communication messages via laptops, mobile phones, and tablets.
Board directors and executives have a fiduciary duty to protect sensitive board information. FINRA has been cracking down on board directors for failing to meet the required data security practices. One company received a significant fine for losing a laptop containing confidential customer information even though the loss of data hadn’t been stolen and the incident hadn’t resulted in any incidents of known identity theft or financial loss to the company.
Cybersecurity experts state that it’s not if organizations will experience a data breach, it’s when. It’s important for board directors and executives to take stock of what other organizations have lost through data breaches so they don’t end up in the same boat. Today’s boards should have an operational policy that all board emails and file-sharing should go through a secure board management portal. A communications policy should be sure to include the managing of communications on mobile devices as well. It’s also helpful to set up periodic trainings on communication protocols.
The surest way to prevent hacking due to personal email communications for board business is to implement BoardEffect board management software as a solution. A secure board portal will successfully address any security gaps because it has state-of-the-art security build directly into the board portal.
There’s no reason to risk confidential board meeting books with hard copies that can get lost or stolen. Also, there’s no reason to ever send a personal email with confidential board information in it. BoardEffect is the modern governance solution for secure board communications and file-sharing. It’s the only way to prevent the high risks of data breaches, decrease the chance of lost time and money for dealing with unexpected crises, and reduce the worry over compliance violations.