Free Site Registration


Investors Face Gap Between Cyber Threat and Action

Print
Email
Reprints

When companies disclose significant cyber risk, they rarely provide differentiated or actionable information, according to a new report from PwC US and the Investor Responsibility Research Center Institute.

Examining key cybersecurity threats to corporations, the report offers information to investors to assist them in evaluating investment risk, business mitigation strategies and quality of corporate board oversight.

“Cybersecurity has moved from the back office to the corporate board room because it poses a deep threat to a company’s bottom line and reputation,” stated Jon Lukomnik, executive director of the Investor Responsibility Research Center Institute (IRRCi).  “The reality today is that virtually every company is reliant on information and technology, so not one company or sector is left out.”  

Commissioned by IRRCi, What Investors Need to Know About Cybersecurity: How to Evaluate Investment Risks was authored by Kayla Gillan, leader of PwC’s Investor Resource Institute, and PwC Advisory principals Joe Nocera and Peter Harries, both leaders in PwC’s cybersecurity practice.

“The severity of the gap between the magnitude of cybersecurity threat and the lack of steps boards have taken to address the risks is a key issue for investors and policy makers alike,” stated Lukomnik. “In recent weeks both Securities and Exchange Commissioner Luis Aguilar and Treasury Secretary Jack Lew have made public comments regarding cybersecurity issues... Even when Boards do act, investors often feel in the dark on cybersecurity.  First, it’s dynamic and highly technical. Second, companies can be reluctant to disclose details on threats because they are concerned about providing hackers with a roadmap to vulnerabilities.” 

Designed to help investors navigate cybersecurity issues with a focus on sector-specific portfolio risk, the report outlines cybersecurity trends, industry threats and strategies.

These strategies include corporate preparedness for cyber attacks, engaging with highly likely targets, and demanding better and more accurate disclosures.

“The consequences of poor security include lost revenue, compromised intellectual property, increases in costs, impact to customer retention, and can even contribute to C-level executives leaving companies,” stated Nocera.  “This paper can help investors ask the ‘right’ questions to assess the level of risk they may be facing.”

The report also includes, based on PwC experience, common motivations for cyber attacks by industry and a list of suggest questions for investors to ask:

  • Does the company have a security & privacy executive who reports to a senior level position within the company?
  • Does the company have a documented cybersecurity strategy that is regularly reviewed and updated?
  • Does the company perform periodic risk assessments and technical audits of its security posture?
  • Can senior business executives explain the challenges of cybersecurity and how their company is responding?
  • What is the organization doing to address security at its business partners?
  • Has the company addressed its sector-based vulnerability to cyber attack?
  • Does the organization have a response plan for a cyber incident?

The full report is available here, with registration for a webinar scheduled Aug. 20 to view the findings and respond to questions, available here. 

0 Comments

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Accounting Today, please use the form below to login. When completed you will immeditely be directed to post a comment.

 

Advertisement

Accounting Technology

Advertisement

The Virtual Firm

November 7, 2013

Jennifer Katrulya, CEO of the Business Management Resource Group, discusses how to run an accounting practice from an iPad or other mobile device in a virtual environment, in an interview with managing editor Tamika Cody at Accounting Today's Growth & Profitability Summit in Orlando.

Social Media Tips for Professional Services Firms

October 9, 2013

Social media strategist Adrian Dayton and BeachFleischman PC chief marketing officer Eric Majchrzak discuss how accounting firms and other professional services firms can use LinkedIn, Google+ and other social networks to market their offerings to potential clients, and use search engine optimization to showcase their content, in an interview with Accounting Today senior editor Danielle Lee.

Top 10 Tech Trends for 2014

March 3, 2014

As companies gain more affordable access to new technology and platforms, they also seek to make smarter investments. As we begin 2014, James Cashin, partner at McGladrey, has identified ten common strategies in how companies are capitalizing on their IT investments to best implement process improvements and increase performance.