The Cyber Security Time Bomb.

In 2023 the number of cybersecurity searches we were engaged in was up 175% from 2022, and are staggeringly larger than pre-pandemic levels, and with good reason. 

Cyber Security was a huge topic this year in Davos, and the World Economic Forum’s Global Risk Report put cyber security in the top 10 current and future global risks. According to a study by IBM, the average cost of a data breach was $5.1 million, with U.S. companies being the most targeted in the world. Manufacturing, Insurance, Finance, and Healthcare were the most targeted industries. Forbes projects the cost of cyber attacks to hit an annual $10.5 trillion by 2025.

While digitalization and rapid technological advancements have been huge, positive growth drivers for companies across all industries globally, the increased dependence on technology naturally leaves everyone more vulnerable. In a survey conducted by CFO.com, 85% of cybersecurity professionals attributed the above, and the emergence of generative AI, now being utilized by bad actors, in the rapid growth in cybercrimes. 

Both European Union and U.S. SEC have responded with strict security requirements, and increased fines. Last year, failure to comply with GDPR resulted in record fines exceeding €1.6 billion, more than in 2019, 2020, and 2021 combined. 

The U.S. SEC also introduced new cybersecurity rules as of December 15, 2023. The rules require public companies to disclose material cybersecurity incidents within 4 days of their occurrence. Public companies must also disclose risk management and governance information in relation to cybersecurity, including board proficiency and oversight of cybersecurity risks in their annual reports moving forward. Firms are expected to provide details on board proficiency in cybersecurity.

Many former executives were leaders before the current cybersecurity environment, and may not bring expertise, or even an approach for gaining that expertise, to their boards. Not that they are inappropriate executives to serve as directors without such expertise, but the board must develop this expertise as a whole. Directors must bring more than just technical expertise to the boardroom. They must also understand the environment, financial structures, tradeoffs, and business risk portfolio. Finding new board members who bring the right mix of cybersecurity expertise and business acumen is challenging. 

As always, the companies that tackle the issue head-on instead of trying to check a box for compliance, are going to be the ones that succeed in navigating an everchanging future. To do so, you will need the best possible talent at both the Board and C level.

We have a track record of successfully identifying, recruiting, and placing Cyber Security Executives across several industries. If you would like to further discuss how TXT could help you with your cybersecurity needs, please respond to this email to schedule a call.

We recently launched our new Board Mapping service for no cost to our clients, we would love the chance to collaborate with you and your team to identify a map of potential cybersecurity experts typically found outside of traditional networks. These executives are key to bolstering your board’s credentials in cybersecurity.