Editor’s Note: Read the complete arrticle here
From: CFO
What topics should CFOs get their arms around so they won’t seem out of touch at board meetings this year?
David McCann
As a CFO, you’re probably not a member of the company’s board. But you might as well be. You attend the greater portion of most board meetings and are asked for a lot of input.
But are you always fully prepared? After all, a new hot item may pique the board’s interest at any time. “If you’re caught flat-footed on whatever the current topic is, you look pretty stupid,” says Ellen Richstone, a former finance chief, a longtime member of multiple boards, and current board member for the New England chapter of the National Association of Corporate Directors. “Looking back at my own time as a CFO, there were occasions when I should have known more about what the board was discussing.”
At almost any point in time, a board’s agenda most likely will include strategic planning and oversight, financial reporting, and corporate performance evaluation. Increasingly in recent years, the standard short list has grown to encompass risk oversight, globalization, compliance, and technology issues. But what, more specifically, is likely to be on the table in 2013?
Cyber Worries
To hear cloud-software vendors tell it, concerns over data security have drifted into the past. But, says Richstone, the topic has been featured at every board meeting she’s been to in the past year. In fact, in a recent survey by Corporate Board Member and FTI Consulting, 48% of directors rated data security as “a major concern,” almost double the level found in a similar study four years earlier.
The concern is divided over the possibility that a security breach could profoundly damage a company’s business and reputation, and the possibility that Congress may enact laws for how companies should protect their data.
About the latter, says Francine Friedman, an attorney focused on public-policy issues with Akin Gump Strauss Hauer & Feld, “industry is responding by saying they are better able to handle this themselves. They can respond more quickly to the next type of cyber threat. It takes Congress so long to get anything done. Whatever they were to pass would most likely be obsolete by the time it’s implemented.”
Several lobbying initiatives funded by corporations are under way in Washington over the issue, most notably one spearheaded by the Direct Marketing Association, Friedman notes.
Spurred by board interest, Friedman says, “CFOs should look at what message their company is sending to consumers about protection of their information, and how it impacts the bottom line. And they should do a cost-benefit analysis: What kinds of protections are we paying for, and how secure do various types of data have to be? Is it worth it to have encryption over encryption over encryption?” Protecting email addresses and passwords is crucial, phone numbers less so, and names lesser still.
Leave a Reply