Open AccessAcademic Research on the Role of Corporate Governance and IT Expertise in Addressing Cybersecurity Breaches: Implications for Practice, Policy, and Research
Author(s) -
Caroline Hartmann,
Jimmy Carmenate
Publication year - 2021
Publication title -
current issues in auditing
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.274
H-Index - 11
ISSN - 1936-1270
DOI - 10.2308/ciia-2020-034
Subject(s) - corporate governance , business , public relations , audit , audit committee , data breach , computer security , accounting , political science , finance , computer science
SUMMARY Frequent cyber-attacks on organizations in the last decade have caught the attention of practitioners and governance bodies, who have called for boards to take a more active role in managing and preventing future cyber risks. Governance surveys, however, find that boards are not sufficiently prepared to address cybersecurity risks due to a lack of IT expertise. Firms have begun appointing technology experts, creating board-level technology (IT) committees and delegating responsibilities to the audit committee as a means of managing cybersecurity risk. With the aim of understanding the current and future role of governance mechanisms in managing cybersecurity risks, this paper reviews the existing cybersecurity guidelines and regulations, and summarizes the empirical research related to corporate governance, security breaches, and IT expertise in overseeing cyber risks. Finally, we discuss implications for practice, policy, and researchers.
Accelerating Research
Robert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom
Address
John Eccles HouseRobert Robinson Avenue,
Oxford Science Park, Oxford
OX4 4GP, United Kingdom