The PRI has launched findings on how seriously corporates are taking the issue of cyber security, with the publication of "Stepping Up Governance on Cyber Security: What is Corporate Disclosure Telling Investors?" The research evaluated the public disclosure of 100 companies on cyber security, covering 14 indicators on aspects such as policy, governance and flow of communication, access to expertise, training and assessment, and other procedures. According to the World Economic Forum’s latest report on global risks, cyber security is ranked as one of the top five risks to businesses, reaffirming the need for company boards to prioritise this issue. The business case to engage with companies on this topic is clear-cut – cyber security threats and related incidents can cripple business operations, materialise into legal and regulatory risks, and have adverse impacts on portfolio company valuation and earnings. However, the PRI has found that corporate reporting on this topic often falls short of these expectations. “Boards need to work closely with senior management to escalate the message across the organisation that security is everyone’s problem,” said Fiona Reynolds, CEO of the PRI.

Posted by

PRI