News & Top Stories

Prof Dan Siciliano discussing cyber security with the Directors-in-Dialogue participants on August 30, 2016

Boards and Cybersecurity

The Global Risks 2015 report by the World Economic Forum included this rather stark warning: "90 per cent of companies worldwide recognize they are insufficiently prepared to protect themselves against cyber attacks." Cyber intrusions are becoming more common, more dangerous and more sophisticated. Even though boards are painfully aware of the potential exposure a cyber attack can bring, developing a rational response to this highly complex issue remains a challenging matter.

TMS Academy, the integrated leadership development arm of Temasek Management Services (TMS), hosted one of its Directors-in-Dialogue (DID) forums to discuss this important topic, on August 30, 2016 at the Mandarin Orchard Hotel, Singapore. The forum brought together over 50 chairmen and board directors from the finance, healthcare, transport, real estate, and telecommunications industries, as well as senior leaders from several government agencies. The forum was facilitated by Professor Dan Siciliano, the faculty director of the Rock Center for Corporate Governance at Stanford University and Professor and Associate Dean at Stanford Law School. During the session, Prof Siciliano highlighted critical concepts concerning cybersecurity and facilitated a robust discussion on best practices in crisis response. He also conducted a table-top simulation exercise for board directors to experience a cyber intrusion.

Furthermore, the forum included an insightful presentation by Andrew Mahony and Timothy Williams from Aon, who shared critical insights on cyber risks and the cyber insurance market. To round off the forum, Prof Siciliano moderated an interactive panel discussion on "Best Practices for Incident Response Planning", which comprised three distinguished panellists: Paul Chong (President and CEO, The Certis Group), Mui Chee Leong (Managing Director, IT & Operations Temasek International) and Sam Liew (Managing Director, Accenture Technology ASEAN).

Find out more

About the 'Boards and Cybersecurity' Programme Highlights

    Some of the topics discussed included how companies could better prepare for and respond to cyber intrusions. Furthermore, the increasing pace of ever-changing technology means that organisations need to “outrun” malicious hackers in terms of adapting to and leveraging the latest technologies for their IT infrastructures. The forum also generated robust debates on the following topics:
  • The attack: Types of hacks and the damage that follows
  • The defence: Methods to prevent and respond to attacks
  • The cyber insurance market: Determining risk appetite
  • Best practices for incident response planning and internal organisational structures

About the DID

The DID, which is a flagship programme of TMS Academy, the integrated leadership development arm of Temasek Management Services (TMS), is a series of highly interactive forums that facilitate robust, in-depth discussion and debate on topical subjects of high relevance to board directors of both private and public organisations in Asia. Designed to address the evolving needs of board directors in Asia, this series provides the most current thinking on board effectiveness from global thought leaders and subject matter experts, blended with valuable insights and practical “usable” knowledge from some of Asia’s most renowned boardroom leaders and practitioners. The discussion themes for each forum vary and are continually refreshed to reflect subjects that are top-of-mind for board directors in Asia today.

Since the launch of the DID series in August 2014, over 300 chairmen and board directors have attended the forum. The series has received tremendous support from the board community and has built up an extensive alumni network from across Temasek and its partner companies, the public sector, MNCs, ASEAN companies and social enterprises.

Did you know...

95% of all attacks on enterprise networks gain entry through a spear phishing attack. A spear phishing attack is an email targeted at specific individuals that is engineered to look legitimate and fool even tech-savvy users. The email either has a malware-laced attachment or a malicious link that when opened installs malware and tries to gain system access. (Source: SANS Institute)