〈   Responsibilities of members of the board of directors
Working at board level on the risks of cyberattacks

Chapter 2.1

New approaches

To make the board of directors and its members more aware of cybersecurity issues, new leadership approaches are now needed. In other countries, such as the United States, which are ahead of Switzerland when it comes to these matters, more competitive approaches and approaches covering digital trust and digital security are deployed. In this very sensitive area, communicating your proactive approach to your partners and customers, the authorities and even the general public, makes it possible to respond more effectively in the event of a crisis and to maintain customer confidence.

In Switzerland, cybersecurity is technology-centric, and is still largely seen as a field that is the preserve of technical experts. While these specialists will present the relevant information to the board of directors, what matters is that all directors take cybersecurity to heart. For liaison between IT and the board of directors, it is obviously best to choose a director with not only the relevant technical skills but the ability to ensure that the issues at stake are shared and understood.

This is because the issues are not limited to confidentiality, integrity, system and data availability or problems with computers, infrastructure, vulnerability, and so on. In reality, these technical aspects translate into very specific challenges for all the activities. Board members should focus in their role on business risks for operations, strategic business leadership, and the risk, reputation and business continuity objectives. Cyber-risks result in many impacts.

However, the question is not so much if there will be a cyberattack against the company, but when this will happen. That is why it is so important to:

  • move on to the next phase of protecting organisations;
  • find new ways to take on:

➔ fiduciary responsibility to shareholders;

➔ responsibility for monitoring business risk management.

Directors must be knowledgeable leaders who prioritise cybersecurity and personally demonstrate their commitment.

2023 © Trust Valley. All rights reserved.