Increased Hacking and Data Leaks Drives Renewed Focus on Board Communications

Wed Nov 6, 2013 3:49am EST

* Reuters is not responsible for the content in this press release.

Thomson Reuters annual Board Governance survey reveals organizations lack understanding of security risks surrounding board materials

NEW YORK, November 06, 2013 - Thomson Reuters annual Board Governance survey shows that Board communications is becoming increasingly complex yet outdated board procedures, unsecure distribution channels and costly board materials are all contributing to increased security gaps.  

The Thomson Reuters survey covered more than 125 general counsel and company secretaries across a wide-ranging cross-section of industries and geographies globally. It builds on a survey of similar respondents conducted in September 2012 so presents year-on-year trends and developments. Key findings from the latest report include:

  • Over 67% of respondents admit they do not know if their board members destroy all print copies of board materials.
  • 62% of respondents had heard of situations where board members have left sensitive information in public places, representing a 12 percent increase compared to last year.
  • Over three-quarters of organizations utilize unsecure, personal email accounts to distribute board documents; almost half do not ensure board communications are encrypted.
  • Board books and volume of information continue to grow. On average board books are 179 pages in length according to respondents compared to only 116 pages in 2012. This amounts to 16,010 pages of board material each year representing a 67% uplift from the average of 10,000 pages reported the prior year. 
  • Board members per organization is increasing with 43% now having more than 11 board members, rising from 29% in 2012.
  • Almost half of boards still rely on paper-based board books. There was a slight decrease in the number of respondents who distributed their board books electronically, despite an increase of members being located across borders.
  • There has been increased focus on risk oversight with 84% of respondents saying their board actively set a risk culture and cascaded its risk policy to management. This is a significant increase from 2012 where only 57% of respondents said the same.

"Corporate governance is becoming increasingly complex due to demanding regulatory requirements and scrutiny on organizations' compliance," said Chris Perry, managing director, Risk, Thomson Reuters. "In this time of heightened risk, it to extremely important for companies to protect their organization from reputational damage. This survey provides insight and transparency into board governance processes to help provide the information needed to have better risk oversight and to tighten security gaps across an organization."

Increasing Volume of Board materials

A large challenge lays in the amount of confidential information that board members are expected to retain. One quarter of respondents produce in excess of 100 board books per year with the average board book at 179 pages in length. This means that board members are sifting through 16,010 pages of board materials a year representing a staggering 67% increase from 2012.  In addition, most organizations have many board members serving on multiple boards across the world and with the majority of boards meeting monthly or quarterly, this creates a huge volume of required supporting board materials.

Exposure to Security Risks

The survey results indicate organization's lack of understanding of the security risks surrounding board communications. Both print based and electronic board communications contain huge security risks and gaps. Almost half of boards still rely on paper-based board books contributing to greater risk of sensitive information being lost, stolen or misplaced by printing and carrying board documents. Additionally, the majority of respondents admitted to having heard of instances where board members have left sensitive documents behind in public places.

Furthermore, there are still issues around electronic communications due to insufficient security processes. Over three quarters of organizations utilize non-commercial, unsecure personal email accounts to distribute board materials and almost half of the organizations do not encrypt board communications.  

While the survey points out many risks in the distribution channels being used to disseminate board materials, another issue is in retention of information. Over 67% of respondents are not confident or do not know if their board members destroy all print copies of board materials in line with policies. With similar results in 2011 and 2012, this continues to be a concern and presents risks to organizations.

Board Security

The survey results indicate a lot of security gaps and risk oversight by organizations, but the results also note that there has been improvement from boards putting increasing importance on security measures.  Over three quarters of respondents said that their board actively set a risk culture and cascaded its risk policy to management which is a significant increase from only 57% in the comparable 2012 survey.

Additionally, 52% of organizations now use a board portal to share their sensitive board information.
Private mobile computing devices remain the most likely place to store board documents and communications and in line with the increasing popularity, the results show a steady increase in organizations providing board members with secure devices for this purpose.

The board has become increasingly involved in understanding regulatory change and overseeing implementation according to respondents. Involvement has increased from 2012 substantially with 49% actively setting culture and policy and pushing for "gold plated" policies.  With 12% not discussing these issues at board level and some respondents not knowing, there could be organizations at risk of penalties by not being prepared to manage the incoming changes to regulatory requirements.

A detailed report on the survey's findings can be found at: http://info.accelus.thomsonreuters.com/LP=1954

Thomson Reuters
Thomson Reuters is the world's leading source of intelligent information for businesses and professionals. We combine industry expertise with innovative technology to deliver critical information to leading decision makers in the financial and risk, legal, tax and accounting, intellectual property and science and media markets, powered by the world's most trusted news organization. With headquarters in New York and major operations in London and Eagan, Minnesota, Thomson Reuters employs approximately 60,000 people and operates in over 100 countries. Thomson Reuters shares are listed on the Toronto and New York Stock Exchanges.  For more information, go to: http://thomsonreuters.com 

 
CONTACTS
Alan Duerden
PR Director,  GRC & Marketplaces
+44 20 7542 0561
+44 7825282483
alan.duerden@thomsonreuters.com
 
 




This announcement is distributed by Thomson Reuters on behalf of Thomson Reuters clients.

The owner of this announcement warrants that:
(i) the releases contained herein are protected by copyright and other applicable laws; and
(ii) they are solely responsible for the content, accuracy and originality of the
information contained therein.

Source: Thomson Reuters Corporation via Thomson Reuters ONE

HUG#1740885
Comments (0)
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.