FSR, Palo Alto Networks & Forbes-Supported Study Finds Dramatic Increase in Corporate Boards Addressing Cyber Risks


October 2, 2015

Contact: Erika Reynoso
202-589-2410 | @fsroundtable

Contact: Alison Hawkins
202-589-2427 | @fsroundtable

FSR, Palo Alto Networks & Forbes-Supported Study Finds Dramatic Increase in Corporate Boards Addressing Cyber Risks

Georgia Tech researchers finds financial services industry is a leader in cyber preparations, focus

Washington, DC – There has been a dramatic increase in the number of boards actively addressing cybersecurity risks at Forbes Global 2000 companies, with the financial industry a leader, according to a new study released today.

Cybersecurity is now a boardroom-level issue for nearly two-thirds (63 percent) of the companies surveyed, a significant jump from 2012, when only 33 percent of boards were actively addressing computer and information security. The study also found the financial services industry is one of the leading industries in cybersecurity improvements and focus.

“Cybersecurity threats are a major, executive-level issue and companies are taking significant steps to better protect their customers and their businesses,” said Financial Services Roundtable President & CEO Tim Pawlenty.

The industry had one of the largest improvements in its cybersecurity focus, with a 35 percent increase, and the percentage of financial sector boards considering cyber risks when reviewing supplier relationships shot up to 64 percent from 38 percent in 2012. The financial sector is the only sector to have 100 percent Chief Risk Officers, who play a key role in the overall cybersecurity outlook of financial institutions and businesses.

Financial sector boards also had more board Risk/Security Committees and IT/Technology committees than any other sector in both the 2012 and 2015 surveys, and the sector leads in the percentage of CISOs it employees (88 percent). The financial sector far exceeds other industry sectors in having a board Risk Committee separate from the Audit Committee, with 86 percent of boards in the financial sector having a separate Risk Committee.

“The 2015 Governance of Cybersecurity report clearly reflects a sea change from the attention boards were paying to cybersecurity issues in the 2008, 2010, and 2012 surveys,” said Jody Westby, author of the series of survey reports and CEO of Global Cyber Risk, LLC and adjunct professor at Georgia Institute of Technology. “This report shows that, for the first time, directors and officers understand they have a fiduciary duty to protect the digital assets of their companies and are paying more than cursory attention to cyber risks; it is a welcome change that will help protect shareholders and customers.”

“It’s excellent to see that corporate executives are dramatically increasing efforts to manage cyber risks. Establishing an appropriate dialogue between technical experts and the executives who can prioritize resources is essential to effectively secure an organization. However, this increased attention must be coupled with appropriate action to apply the right combination of people, technology and processes to secure computing environments; this starts with establishing a breach prevention mindset. This study provides a basis for organizations around the globe to start having more discussions on just how to achieve this,” said Ryan Gillis, Vice President of Cybersecurity Strategy and Global Policy at Palo Alto Networks.

The study, “Governance of Cybersecurity” surveyed respondents at the board or senior level from Forbes Global 2000 companies. This study is a follow up to three prior surveys in 2008, 2010 and 2012 which measured trends and improvements in cyber governance at the boardroom level. The study was conducted by the Georgia Tech Information Security Center with support from the Financial Services Roundtable (FSR), Palo Alto Networks and Forbes.

The study is also the focus of an FSR panel discussion on Friday, October 2 at 12 p.m. ET. The panel will be broadcast via livestream here.

A full copy of the study is available here.

To read Palo Alto Networks statement on the study, visit the Palo Alto Networks Research Center here.

To read the Georgia Tech Information Security Center’s statement on the study, contact Adjunct Professor Jody Westby at westby@globalcyberrisk.com.



The Financial Services Roundtable represents the largest integrated financial services companies providing banking, insurance, payment and investment products and services to the American consumer. Member companies participate through the Chief Executive Officer and other senior executives nominated by the CEO. FSR member companies provide fuel for America’s economic engine, accounting for $92.7 trillion in managed assets, $1.2 trillion in revenue, and 2.3 million jobs. Learn more at FSRoundtable.org.

Tags: , , , , , , , , , , ,