Event Blog


Board Diversity: Are you an Agent of Change?

By Nicole Rashotte, Membership and Social Media Coordinator, Women Get On Board
July 2, 2019

On an evening that saw Toronto flush with rain and Raptor’s pride, the Governance Professionals of Canada (GPC) partnered with Women Get On Board (WGOB) for engaging conversations on Board Diversity – Are You an Agent of Change?

WGOB’s Founder & CEO Deborah Rosati moderated the conversation with panelists George Horhota, Co-founder, The Brockton and Director, Community Trust Company; Ekta Mendhi, Senior Director, Corporate Strategy, CIBC and Co-Chair of the Canadian Gender and Good Governance Alliance and Marian Walsh, Chair, Governance and Human Resources Committee, Board of Medavie.

From defining diversity to championing its necessity, the panelists provided an insightful discussion on the many ways business leaders can advance their board diversity mandate.

1. What does board diversity mean to your company/organization in terms of commitment and needs?

According to the Canadian Gender and Good Governance Alliance’s ‘Director’s Playbook’ (an organization which Mendhi co-chairs), “several studies demonstrate that organizations experience the greatest benefits of diversity when they have between 40% and 60% female representation at all levels.”

The panelists addressed what is currently lacking in the board renewal process and detailed what has been done or should be done to find practical solutions to increase diversity on boards. In terms of a present board ‘need,’ Horhota stated, “I think the board should reflect the diversity of the customer and their employees, regardless of what industry they are in.” He added that this school of thought is not currently in practice for boards across Canada and beyond, despite being a necessity for both customers and employees to feel like they are adequately represented.”

Both Mendhi and Walsh shared his sentiment, with Mendhi adding that it then becomes a talent pool issue. If those decision-makers in charge of identifying board talent continue to allow the same small group of individuals to serve on a board, then companies and organizations will be challenged to advance board diversity.

Shifting the focus to what board diversity commitments are being made by the companies/organizations that the panelists belong to, Walsh noted that Medavie is committed to having a diverse company with a multitude of skill sets and recognizes that those skill sets come from individuals with different gender, geographic location, age, ethnicity and culture.

2. What board renewal mechanisms do you have in place or that you would advocate for change? (eg. age limits, term limits?)

Walsh stated that introducing term limits was one way her company was able to implement change, calling it a “matter of strategic importance.” To keep a board that is fresh and represents the majority versus the minority, Medavie recognized that turnover of the board is a good governance practice and critical to the foundation of their overall business model.

The panelists agreed on the importance of setting age limits, as it opens board seats to add younger cohorts, which often results in new or fresh ways of approaching how a company or organization is run.

3. Describe how you or your company/organization are an Agent of Change (give examples) in advancing board diversity?

When it comes to being an agent of change, companies/organizations need to embrace board diversity as part of their culture. The panelists agreed that significant importance needs to be placed on how companies and organizations go about finding board candidates.

Mendhi suggested using peers, networking organizations and executive search firms as a source of finding diverse board candidates and expanding the potential talent pool.

Walsh revealed that every time a board seat becomes vacant at Medavie, the company requires that its board competency matrix is met by searching for candidates that represent diversity from gender, geographic, age, ethnicity and culture.

It is not enough to discuss how a company or organization can be an agent of change – there needs to be champions within to make it happen. Whether this is a Chief Diversity & Inclusion leader or senior business leaders that champion the company’s goals to catalyze change.

4. Are there other companies/organizations or countries that you think are good examples that are advancing the board diversity mandate?

The panelists agreed that it is essential that other companies, organizations and even countries get involved.

Mendhi was quick to acknowledge the Canadian Gender and Good Governance Alliance, in particular, the Canadian Coalition for Good Governance (CCGG), which defines itself as “the preeminent corporate governance organization in Canada uniquely positioned to effect change as the voice of institutional shareholders that invest in Canadian public equities.” The CCGG advocates for business leaders to commit to diversifying their boards.

Horhota pointed out that many institutional investors are also becoming agents of change as they take steps to vet potential board candidates to make sure there are diverse board candidates on the slate.

Walsh noted that as new board members are on-boarded, it is essential that they become advocates for advancing the board diversity mandate. All panelists agreed; this is a vital step to ensure diversity is incorporated into the board culture.

Women Get On Board is a leading member-based company that connects, promotes and empowers women to corporate boards. We do this through an engaged community of women and men in Canada committed to advancing gender diversity in the boardroom. Find out more about becoming a member of Women Get On Board.


Ilana Hechter – Partner, Mercer Consulting

Hot Topics in D & O Risk and Insurance:  Climate Change, Respectful Workplace, Cannabis and Blockchain & Cryptocurrency

By Ellen Pekilis
May 8, 2019

A panel of four experts provided information on top trending risks to a sell-out crowd in Toronto on April 10th. “Hot Topics in D & O Risk and Insurance Climate Change, Respectful Workplace (#MeToo), Cannabis and Blockchain & Cryptocurrency” hosted by our National Strategic partners, Marsh Canada.

1. Climate change presented by Karen Lockridge – Principal, Responsible Investment, Mercer Consulting

Directors’ climate liability exposure may increase substantially due to a wide disparity between boards and the expectations of key stakeholders regarding climate risk. Failure to proactively manage environmental risks is becoming increasingly newsworthy.

The 2019 World Economic Global Risk Report found that climate change and related environmental concerns are perceived as dominating the risk landscape.

This is reflected in increased investor engagement on these topics. The Report is an annual survey of broad stakeholder groups including business, academia, investors and civil society.

By contrast, the 2018 Global Network of Director Institutes found that only 17% of responding directors viewed climate change as very relevant to their corporation or role as director, while 30% thought it was not at all relevant.

Karen Lockridge, a Principal with Mercer’s Responsible Investment team in Toronto, suggested that boards follow the road-map provided by the Task Force on Climate-related Financial Disclosures.

Described as the most significant development since the Paris Agreement, the Taskforce was established when Mark Carney and a group of 20 other Finance Ministers and central bankers realized that there was insufficient data to assess the risk that climate change poses to the global economy. Led by Michael Bloomberg and 32 members from a broad range of multi-nationals including Mercer, Tata, Unilever and Bank of America, the Taskforce represented recognized names across the whole value chain in terms of corporate reporting. Their recommendations were summarized as follows:

  • Are our strategies and operations at risk, given expected climate changes and the drive to a low carbon economy?
  • Is the organization’s governance of climate-related risks and opportunities robust and effective?
  • Does the organization’s strategy and financial planning accurately assess and reflect the actual and potential impacts of climate-related risks and opportunities?
  • Does the organization have a process in place to identify, assess, quantify, and manage climate-relate risks?
  • Is the organization using metrics and targets to assess and manage relevant climate-related risks and opportunities?

2. Respectful Workplace (#MeToo) presented by Ilana Hechter – Partner, Mercer Consulting

There is a similar gap in beliefs as to whether workplace bullying and harassment is a material risk. But building a respectful workplace is about more than checking a box on diversity, said Hechter. According to Statistics Canada, 60% of employees report having experienced harassment and bullying at work. By contrast, the Gandalf Group’s C-Suite survey found that nine out of ten senior executives in Canada do not believe that sexual harassment is a problem. Hechter pointed out that this kind of disparity t can drive a #MeToo risk.

Additionally, this gap between executive and worker perceptions can exacerbate employee attraction and retention risks, particularly if the company requires a pipeline of highly skilled millennials. Focusing on diversity and inclusion as a part of organizational culture has an economic impact on performance. As Hechter stated, “diversity is being asked to the dance; inclusion is being asked to dance”, a small but impactful difference. The trend moving from a more traditional engagement contract to a “thrive” contract focuses on how to ensure your employees perform the best for the short period of time they are likely to stay. Providing them with a sense of purpose is critical as money is not the key driver. Employees value working where they feel respected and included.

Hechter encouraged board members to ask:

  • Does the organization have a diversity and inclusion policy?
  • Is there a reporting process?
  • Are expectations clearly articulated to permit insistence between locations and business lines?
  • Are leaders – especially middle managers who manage teams – invented to implement and achieve diversity and inclusion goals?

3. Blockchain & Cryptocurrency presented by Jennifer Hustwitt – Senior Vice President, Marsh & McLennan Companies

A global patchwork of crypto-asset regulatory requirements is developing, which creates uncertainty in terms of the international flow of business. Board members should monitor efforts to achieve alignment and consistency in international regulation necessary to support an international trading infrastructure.

Understanding these changes and the regulations that are starting to unfold as a result of regulatory oversight of key fin-tech players is critical for boards. To help boards and senior executive come up to speed, Marsh launched Crypto-Assets and Blockchain Technology: On the Brink of Legitimacy? at the 2019 Davos World Economic Forum.

Tokenization of cryptocurrencies is now allowing individuals to own fractions of assets. The future of the user experience in a seamless payment experience is ever evolving in Silicon Valley. The development of seamless app-based payment technologies has given boards the opportunity to review whether digitization of financial assets should be viewed by their organization as a strategic differentiator.

A key risk factor is the global shortage of blockchain-specific software and network security experts. Regulators are signaling that reliance on current cyber-security resources and techniques may be insufficient to manage risks such as anti-money laundering/know your client in the crypto-currency space. With compliance officers moving into cryptocurrency boards we are seeing positive indicators that further regulations and formalization in the industry is coming—and that the industry as a whole is here to stay.

Scandals and increased regulatory scrutiny are driving an enhanced focus on licenses. Organizations are advised to undertake a rigorous evaluation of licensing requirements in each relevant jurisdiction, including at the state and provincial level.

4. Cannabis presented by Dianne Morrison – Senior Vice President, FINPRO, Marsh Canada Limited

Legal in Canada since the early 2000’s (medically) and now legal nationwide recreationally, the cannabis industry is a disruptive force. It is a new and rapidly evolving industry that has the potential to take market share from numerous fields including alcohol, pain remedies, sleep aids, sports aids and wellness products. Dianne Morrison advised that boards need to ensure that their organization has considered whether cannabis will disrupt their organizational strategy and developed appropriate mitigating tactics.

Boards should also monitor the risks that arise from the inconsistent regulatory frameworks for cannabis. While Canada regulates cannabis as a pharmaceutical product, there is inconsistency in approach between the 33 American states where cannabis is legal.

Cannabis, of course, remains illegal in the US at the federal level. Publicly traded companies with cannabis businesses need to divest their US assets at the current time or risk being delisted.

Where there is exposure to cannabis-related risks, board members should ensure that the company has appropriate Directors & Officers (D&O) insurance. US based insurers or their Canadian subsidiaries cannot operate in this space at this time. Insurance companies want to see how claims develop before fully defining D&O insurance, so for now terms and conditions may be more restrictive and premiums higher, but insurance products are now available.

Women Get On Board is a leading member-based company that connects, promotes and empowers women to corporate boards. We do this through an engaged community of women and men in Canada committed to advancing gender diversity in the boardroom. Find out more about becoming a member of Women Get On Board.


The Role of the Board in M&A transactions: Creating Value and Minimizing Risk

By Susan Rabkin, Corporate Director, and Karen Pugliese, Country Leader, Canada, CommScope
February 11, 2019


On an icy February morning, in Toronto over 75 people turned out at the Women Get On Board breakfast event hosted by Gowling WLG for a panel discussion on the board’s role in creating value and minimizing risk in M&A transactions. Norma Beauchamp moderated the panel, board member and panelists included Kathleen Ritchie, Partner, Gowling WLG and Steven Latinovich, Managing Director, Corporate Finance BMO Financial Group. From metals, mining and energy to the latest trend of international expansion of cannabis, both the number of Canadian registered deals and their value, have increased exponentially in the last couple of years. The board’s role in M&A is more important than ever.

The event panelists, all experts in various aspects of M&A, provided insights in response to thoughtful questions posed by the WGOB team. What follows are some of those insights.

1. Is the board M&A ready? Are there processes in place to evaluate an M&A deal?

A key to being “ready” is for the board to “know” the company and space within which it operates. It means not only seeing M&A opportunities but also understanding the competitive landscape and its threats. In addition to acquisitions the company may want to pursue, the board should consider whether the company itself might be a target, which could happen unexpectedly if the board doesn’t know the company well enough! How do you do this?

The panelists agreed that the board should have a formal process in place for regular M&A discussions (perhaps quarterly or annually). This includes regular management reports to the board on M&A opportunities, both buy-side and sell-side, especially for firms operating in industries impacted by rapid consolidation. According to Steven Latinovich, buy-side considerations would include determining what industries, verticals, and the purchase price would be accretive or strategically intelligent. On the sell-side, attention should be given to the strategic changes, divestitures, geographical re-alignments, and management succession plans that may be required, and within what timeframe, to make the firm most attractive to a potential buyer.

In addition to obtaining management’s perspective, the board should have generative discussions of their own regarding M&A. This may reveal opportunities that would not otherwise percolate up to the board from management, due to differing views on strategy, conflicts of interest, or concerns about job security. Involving advisors early and regularly, including leveraging free advice, will help put you ahead of the “readiness” curve, and may also increase the amount of M&A opportunities that merit board consideration.

Panelist Kathleen Ritchie emphasized that to be “ready,” the board must have mechanisms in place to reach one another quickly and have key advisors lined up in advance. Moving fast is critical when offers, letters of intent, or exclusivity issues arise. Boards must immediately assess the market and determine whether the offer is mere trolling or is legitimate. Moreover, many emerging companies are disorganized and would be hard-pressed to assemble a data room on short notice, thus getting access to the right information to make quick decisions can be challenging. Managing the cost of third-party experts can also be challenging, but having their guidance can make the difference between success and failure.

2. How do you determine whether a special committee should be formed and whether or not external advice should be sought?

Kathleen explained that efficiency is one of the main reasons for the establishment of a special committee of independent directors in the context of M&A. A special committee of the board can help narrow the focus of M&A strategy using a board and third-party experts in a smaller group setting to do the “heavy lifting” required when assessing an M&A transaction.

The special committee brings independence and objectivity. It was noted that the only legal requirement for establishing a special committee is to protect public company minority shareholders in the event of an insider bid. Nonetheless, all panelists agreed that having a committee or, at the minimum, a sub-committee, updating the broader board on M&A is prudent. The special committee may also be directly involved in M&A negotiations if management is too close to be impartial.

3. What are some of the critical M&A processes you need to set up and what is the right M&A leadership that needs to be in place?

When it comes to M&A, sometimes CFOs are lazy, and CEOs too aggressive, or sometimes they’re simply too stretched to give adequate consideration to M&A. According to the panelists, boards must have “boots on the ground” to really understand the psychology behind M&A, and to understand potential conflicts of interest within management. Boards must ensure their values reflect those of shareholders, and that they’re representing the best interests of the company.

What are some practical ways to do this? According to Kathleen Ritchie, before transactions arise, make sure contracts are centralized, clean up records, including minute books, etc. Don’t be shy about calling in advisors, as discussed earlier. If you’re on a public company board, make sure information is “locked-down,” and that only a small group is involved in the transaction. This will help avoid potential leaks, trading blackouts and regulatory investigations after the transaction is complete.

Strategic board leadership requires an honest assessment of corporate cultures and understanding whether distinct cultures can be aligned, knowing how to achieve meaningful synergies, understanding the transaction’s value proposition, and selecting the best financing options. Only by asking the right strategic questions and getting satisfactory answers is the board is well-positioned to provide the necessary leadership.

4. What are ways to review the proposed deal in the context of the company’s strategy and challenge the value creation potential of the transaction?

As noted above, seeing a path to either changing or invigorating the corporate culture of an organization in an M&A transaction is a critical determinant of its success or failure. According to Latinovich, if you can’t see such a path, “… it will be a drag on management resources and the acquisition will not be accretive”. In his words, “Culture Kills Strategy.”

He also noted that synergies lower acquisition multiples so the M&A team must be expert at extracting value from synergies and have confidence in their prowess at business integration. Also, as companies grow in size and scale, they may attract higher valuations and access to new markets and customers. He noted some methods to review a proposed deal both from the buy-side and sell-side and pointed out that the board’s judicious use of financing options can help a company grow more rapidly. Asking the right strategic questions, understanding your valuation and the motivations of strategic vs. financial buyers will have different implications on the legacy of the business you’ve built as a board.

5. What are some of the critical aspects of due diligence that should be in place before approving the transaction?

The panelists agreed that knowing what you’re trying to buy is the starting point for making sure you get what you want from your due diligence process. Moreover, as Ms. Beauchamp noted, finding the “skeletons in the closet,” i.e. what you don’t want to buy, is equally important. Therefore, due diligence spans not only legal, but also financial, tax, geographical access, IP, specific industries, employment matters, and many other aspects. Most M&A law firms have checklists that assist in conducting thorough due diligence, but the amount and depth of inquiry depend very much on the deal that is desired.

When a public company is involved and a deal announced, the parties must move quickly. Having the fewest conditions possible to be able to close the deal is critical. It is essential to identify items such as change of control provisions in contracts that can impact the deal’s value (e.g. debt acceleration or employment contract payouts) and to know what consents or regulatory approvals are required to complete the transaction. Share deals require reciprocal due diligence. Public searches, including on the various forms of security should be conducted to find hidden issues. The board should ask its M&A lawyers to provide an overview of the transaction and raise any “red flags” to focus the due diligence effort.

Having good bankers and sound financial advice can be pivotal for successful M&A. Due diligence conducted by these experts will help ensure that financial statements, growth trajectories, tax implications, and other qualitative aspects of a transaction are validated, and help determine the appropriate structure of a transaction.

6. What are ways to examine the post-merger integration plan in details and tracking performance against the plan?

The panelists stressed that having a post-merger plan in place is essential for several reasons. The performance of post-merger integration is tied to being able to effectively communicate the path forward, the culture, and treatment of employees. The plan will provide targets for cost savings and revenue and earnings growth, to which management can be held accountable as part of a successful integration of the businesses. The plan will also help identify strong players that will help take the organization into the future. As a result, both the pre-plan and post-plan require a focus on the people.

In this regard, having an effective communication plan for employees is paramount, or good talent may be lost. Employees must be seen as, and treated as, the most critical assets of the organization. The first step is to “lock in” the best talent and find an exit strategy for those that don’t fit. Ensure that you have adequately compensated those who are critical to the success of the acquisition – and think of success at multiple levels of the organization, not just the C-suite.

Analysis of the financial impact of the post-merger transaction involves a careful deep dive into the quality of earnings and whether they have materialized, identifying any surprises that weren’t uncovered in due diligence, determining whether appropriate cash flows are realized, whether the financing options chosen were correct, and whether there are any impediments to future investments, etc.

Shareholder perception of the integration of the businesses will be carefully scrutinized, especially when the post-merger first quarter financial results are available. Post –merger results will be the test of whether the transaction delivered the goals stated when the deal was announced.

Finally, an important caution raised by the panel. It is critical to avoid “gun jumping.” Gun jumping is the integration of the businesses before the transaction has closed. The excitement around a deal within the organization may lead to improper integration activities, with serious repercussions. Board leaders, with the help of external advisors, must ensure this does not happen.

Women Get On Board is a leading member-based company that connects, promotes and empowers women to corporate boards. We do this through an engaged community of women and men in Canada committed to advancing gender diversity in the boardroom. Find out more about becoming a member of Women Get On Board.


Disruption and Transformation – The Board’s Role in Overseeing Opportunities and Risk

By Ellen Pekilis
November 23, 2018

Innovation and disruption are top of mind for every board.  Women Get On Board recently held a panel discussion to provide expert insight on the board’s role in guiding transformational change and learning to embrace risk. Hosted by KPMG, the panel was moderated by Lori O’Neill, board member and independent governance consultant.  Panelists included Craig O’Neill, CEO of VersaPay and Leslie Luk, audit partner in KPMG’s technology, media and telecommunications practice.

Building Trust

Boards are necessarily focused on risk management and compliance, particularly in a public company context.  Encouraging the board to consider risking truly transformational change requires the CEO to take deliberate steps to build trust between the board and management.

Craig O’Neill took VersaPay through a transformational change which involved selling their main revenue-generating asset to create the bandwidth to focus on new directions.  Getting board approval for such a dramatic divestiture required focused trust-building.

“When you can build that trust and that healthy tension, it’s kind of magical,” said O’Neill. “You can be very productive as a board if you have it.  If you don’t have it, it can be very unproductive and very, very divisive.”

Key tactics included putting a premium on transparency.  O’Neill used a “skip level” approach by which he put key board members in direct touch with his direct senior reports including the CFO, keeping a close eye on roles and responsibilities to counter the tendency of board members to meddle in operations if they get too close to management.

“I wanted them to know that what I tell them is straight up the truth. It’s not varnished, it’s not filtered. You’re going to hear the good, the bad and the ugly. If there is any bad and ugly–and there is always bad and ugly–you can trust what I’m telling you,” said O’Neill.

Leslie Luk advised that establishing mutual understanding with the board about the type and frequency of information flow is key to establishing board trust.  She suggested that pre-meetings with the Audit Chair could also go a long way to help.

Let Sub-committees Take a Deep Dive

The panel recommended establishing sub-committees for the really big transformational decisions.  Sub-committees permit a small number of board members to set aside the time for a focused deep dive in the issues.  While the ultimate decisions remain with the board, the fact that some board members are recommending the change from an informed position may encourage a higher trust level by the rest of the board members in terms of embracing transformational risk.

Sub-committees should be established with a specific purpose and with the same rigour that a Board would put into establishing the audit committee.  Be purposeful about identifying the special skill-sets required from sub-committee members to get the best governance oversight.

Implementing Implementation

Many strategies die on the shelf.  Tone from the top is key to encouraging management to actually operationalize the strategy once it has been approved. Adopting an innovation culture can also help de-risk a project.

“Fail quick and fail small,” advised Leslie Luk.  “Try things on a smaller scale.  Having the board with that mindset will help incentivize management to actually try things.”

It is critical that management establishes appropriate indicators and consistently reports on them as a standing item on each quarterly board meeting agenda.

“The board has to ask management, ‘what are the signs of success?’,” stated Craig O’Neill.  “Lead indicators.  Not lagging indicators.  What do we watch to see if we are on the road to success, not lagging indicators that will let us know that we have already succeeded in the past.  We use a report card on both leading and lagging indicators, but the lead indicators are way more important.”

Women Get On Board is a leading member-based company that connects, promotes and empowers women to corporate boards. We do this through an engaged community of women and men in Canada committed to advancing gender diversity in the boardroom. Find out more about becoming a member of Women Get On Board.


Cyber for the C-Suite – A New Reality

By Ellen Pekilis
May 3, 2018

Cyber risk is expanding in scale, scope, severity and source, landing near the top of most boards’ risk profiles. Catherine Evans, National Cyber Practice Leader, led a recent Women Get On Board session exploring the new realities of cyber risk for board members. Key learnings include:

1. The Internet of Things

The astronomical rise in connectivity will fundamentally change the nature of cyber risk. By 2020, there will be an estimated 50 billion connected devices. That means 50 billion ways in. Centralized system controls can no longer provide the same degree of assurance that they have traditionally delivered.

2. The Rise of Nation States as Threat Actors

2017 saw a rise in the sophistication of cyber attacks, stemming from military-grade techniques developed by nation states. Russia, North Korea and China are most commonly cited as applying the full force of government funded technology with extreme capability far beyond the wildest imagining of the teen hacker in the basement who used to haunt boards’ nightmares. New tools and responses will be required to meet this degree of threat.

3. Cybercrime Motives and Goals Are Evolving

Cybercrime typically had a simple driver: money. Key breaches focused on monetizing sensitive personal information such as credit card numbers, social insurance/security numbers and health data. No more. The market is now so flooded with easy access to stolen personal information such as credit card numbers that the price has dropped. While the market for illicit personal information is still there, it’s not as lucrative. The focus of cybercrime has broadened to include intellectual property theft and causing operational disruption to extort a ransom. Nation states are also focused on causing actual damage to physical infrastructure, for example, attacks on power grids in the Ukraine & the US.

4. With Evolving Goals Comes New Targets

As the motives for cybercrime change, so do the targets. Organizations with deep holdings of personal information have typically been the focus of cybercrime. Manufacturing – particularly in a pure business to business environment – has so far escaped the brunt of cybercrime, but this is changing. As the focus shifts towards IP theft, operational disruption, and physical plant damage, manufacturing companies need to move cybercrime higher on their risk management agenda.

5. The Regulatory Landscape is Changing

A raft of new compliance requirements are coming into play. In Canada, the Digital Privacy Act 2018 will come into force in November, 2018. It includes mandatory breach notification of both affected individuals and regulatory authorities. The notification requirements are subject to a variety of triggers including the sensitivity of the information involved and the risk of harm. The EU General Data Protection Regulation comes into effect this month and also include mandatory breach notification requirements as well as the right for EU residents to receive their information and have it permanently deleted from all sources.

In the US, the SEC has issued Guidance on breach disclosures. The Guidance stresses the importance of establishing proactive policies and procedures before there is a breach. The SEC focuses on the importance of board oversight and establishes expectations that the Board understands the company’s relevant policies and procedures. The SEC has also expanded the financial disclosure certification to include board certification that the company’s cyber-security and response plan are adequate for the risks.

6. Governance Needs to Develop With the Same Intensity As the Risk

In a recent Marsh study, most organizations appropriately identify cybercrime as a top 5 key risk. However, most advise that they can’t effectively measure or evaluate the risk. 34% have no way to measure cyber-risk and a further 46% have only qualitative measures that may be insufficiently robust. Most view governance as functional, not strategic, with 65.9% of respondents saying that cyber risk is a technical matter owned by IT, not an organizational risk owned by all key risk owners/managers. In reality, IT may control the mechanisms, but the broader organizational exposures are way beyond IT’s capacity. 45% of senior executives say they provide cyber-risk information to the Board, but only 18% of Directors say they receive such information. This disconnect is particularly sobering given the staggering rise in the scope of the risk, coupled with the SEC guidance (for US reporting issuers) that the Board certify the adequacy of the company’s cyber-security and response plan.

Women Get On Board is a leading member-based company that connects, promotes and empowers women to corporate boards. We do this through an engaged community of women and men in Canada committed to advancing gender diversity in the boardroom. Find out more about becoming a member of Women Get On Board.