Rethinking Cyber Risk: board and director obligations in 2015 and beyond

Dudley Kneller


Complete the form to receive a copy of the whitepaper.

The World Economic Forum's Global Risks 2015 report included a worldwide warning to all companies:

90% of companies worldwide recognize they are insufficiently prepared to protect themselves against [cyber attacks].1

What many directors and company secretaries fail to realise is that the foundation of effective cyber risk awareness is just a matter of good corporate governance. With mandatory data breach reporting now almost inevitable in Australia and already in place in the United States and some parts of Europe, it is no longer appropriate to push responsibility for cyber compliance on to an IT department or technology provider.

Boards can no longer delegate their duties without understanding and actively managing the real risks associated with cybersecurity.

While we are yet to see an Australian cyber breach that takes directors to court, changes to the Privacy Act 1988 as well as an increasing "cyber awareness" from regulators such as the Australian Securities & Investments Commission (ASIC) and Australian Prudential Regulation Authority (APRA) firmly place cyber risk issues on the agenda for directors and officers.

Fill-out the form on your left to download the full copy of the whitepaper.