You can download the solution to the following question for free. For further assistance in accounting assignments please check our offerings in Accounting assignment solutions. Our subject-matter-experts provide online assignment help to Accounting students from across the world and deliver plagiarism free solution with free Turnitin report with every solution.
(ExpertAssignmentHelp do not recommend anyone to use this sample as their own work.)
'Countering cyber risk presents a significant strategic challenge to leaders across industries and sectors but one that they must surmount in order to take advantage of the opportunities presented by the vast technological advances in networked technology that are currently in their early stages. Over the past decade, we have significantly expanded our understanding of how to build secure and resilient digital networks and connected devices. However, board-level capabilities for strategic thinking and governance in this area have failed to keep pace with both the technological risks and the solutions that new innovations provide.
Boards have a vital governance function, determining overall company behaviour and setting a company's risk appetite. For boards, action means effectively exercising oversight by asking managers the right questions to ensure that the boards' strategic objectives are met. This function is no different in the area of cyber resilience. By offering the following principles and tools, the Forum hopes to facilitate useful dialogue between boards and the managers they entrust with the operation of the companies to which they owe their fiduciary obligations.'
Assume you have been employed as a corporate governance consultant by a company listed on the Australian Stock Exchange and ranked within the ASX 200. The Chairman of the company has decided to address the issue of cyber security at the company board level.
As an initial step in the process of improving the cyber resilience of the company the Chairman has employed you to prepare a report that critically analyses how the company can best integrate its cyber security and resilience protocols to ensure continued corporate survival and improved business performance. The Chairman has requested that you submit a report providing examples of best practice and a clear set of recommendations on how the company should initiate a cyber resilience policy at the corporate board level. Your report will be tabled at the next board meeting for board members to review and evaluate your recommendations.
The advent of technological mobility, internet-based services and the needs for computer infrastructure adaptability have highly influenced businesses across the globe. To leverage any opportunities for business growth, companies have to ensure that the cybersecurity risks are at manageable levels. They have to assess the constituents of the risks and their degree of acceptability for smooth business functions. According to the Telstra Cyber Security Report 2017, around 60% of organisations in Australia have encountered atleast one incidence of ransomware attack over a period of 12 months, and around 57% of them paid the ransom. This requires the involvement of directors and management executives to participate in the development and implementation of security initiatives involving the sponsorship of security enhancement projects and training employees.
A survey has estimated that two out of three executives showcase higher involvement in devising their organisation’s cybersecurity policies in Australia. One of the key reasons for their endeavour is the growing incidences where the top management is held accountable for cybersecurity threats. The increased awareness towards cyber threats and their subsequent business impacts have been influencing the growth in IT security spending, with 81% of Australian organisations are reported to have increased their IT security budget. This shows the growing importance of cyber security for organisations. This report outlines the best practices adopted by large corporations and recommendations for companies to integrate their security policies with cyber-resilience for better business performance.
There is a growing need for companies to incorporate layers of security controls over their IT architectures and business processes. This would allow them to assimilate cyber security within their business models to prevent any adverse impacts on customers. The primary task would be to integrate cyber-resilience into management and governance practices within the organisation. This requires organisation-wide discussion to minimise the effect of silos on integration policies that offer both protection and flexibility for business processes, including research and development, production, marketing and sales, customer relationship management, administration and procurement. Aggressive implementation of such policy initiatives related to cyber threats is expected to reduce the risk involved as well as improve the overall operating efficiency and enhance the companies' value proposition.
The adoption of technology in an organisation follows a sociological lifecycle model involving its acceptance among specific adopters varying with demographic and psychological features (PCWorld 2017). From the aspect of cyber security, attackers are deemed innovators and large corporations would be considered as early adopters. This scenario required Australian corporation to be cyber secure. For instance, ransomware incidences have reported causing economic losses of atleast one billion dollars among Australian organisations. Companies are being forced to update their IT infrastructure to vary of any threats that have a multitude of negative impacts on business operations (AAP 2017). Though 80% of Australian companies face cyber attack, around 51% of them are yet to have sophisticated counter mechanisms in place (Security Brief AU 2017). This arises due to the lack of knowledge about the vulnerabilities and requires awareness programs to be better prepared for future attacks.
According to a global survey of EY, Australian companies face issues such as agility, budget constraints and risk mitigation skills when compared to their counterparts (Computer World 2017). This shows the need for the involvement of the Board of Directors (BOD) in corporations to ensure that an effective cyber strategy is developed and incorporated into the overall business operations. This report describes the cyber attacks faced by Australian corporations recently, how cyber-resilience is essential to overcome such threats, industry best practices currently adopted and recommendations for directors to be cyber-resilient in their decisions.