Only 5 percent of large UK companies say their boards include directors with expertise in information technology or cyber security, even though the vast majority identify hacking and other digital threats as serious risks, a report showed. In the event of a cyber attack, more than half of companies in the FTSE 100 stock index cited contingency, crisis management, or disaster-recovery plans in their annual reports, according to the survey, published by consulting firm Deloitte LLP. Yet many companies lack board-level skills to deal with such crises or are paying insufficient attention to the risks, the firm said.
â€œWith the pervasive nature of technology and the focus on cyber risk it is alarming that only one in 20 boards disclose that they currently have board members with specialist technology or cyber background,â€ said Phill Everson, head of cyber risk services at Deloitte. Deloitteâ€™s analysis of UK companiesâ€™ disclosure on digital security follows high-profile data breaches at companies ranging from Sony Corp. to Yahoo Inc., as well as the Democratic Party in the US Eighty-seven percent of FTSE 100 companies identified cyber attacks as a â€œprincipalâ€ risk, Deloitte said.
More than half of companies disclosed business disruption and reputational
damage as potential risks from security breakdowns. While US intelligence officials have accused Russian cyber warriors
of infiltrating the Democratsâ€™ computer
systems, Deloitte says the most common cause of company data breaches are a firmâ€™s own employees.