In recent months, AIG, Blackberry, CMS Energy, General Motors and Wells Fargo have added a board member with computer-security knowledge. Delta Air Lines and Ecolab did the same in recent years.
The reasons are clear. Cyberattacks on large companies skyrocketed 44% last year from 2013. Cybercrime costs businesses more than $400 billion a year, according to Lloyd’s of London.
Data show that corporate boards have a long way to go. Just 11% of public-company boards queried this year reported a high-level understanding of cybersecurity, the National Assn. of Corporate Directors said. A review by the New York Stock Exchange and security firm Veracode found that two-thirds of board members questioned think their companies are ill-prepared for a cyberattack. Yet consulting firm PricewaterhouseCoopers reports that 30% of boards surveyed never talk about cybersecurity at all.