In late November 2018, Marriott International Inc. reported that it had fallen victim to a colossal theft of customer data. Up to 500 million customers’ personal information was exposed, including passport and credit card information. The breach, which began in 2014 and continued until this September, is only the latest in a long string of high-profile cyberattacks making headlines this year.
Despite the eye-popping figures and high stakes, according to a McKinsey survey of corporate directors, the majority of respondents reported that their boards had, at most, one technology-related discussion a year. Similarly, according to EY’s 19th Global Information Security Survey, only one in five executives fully considers information security in planning their larger corporate strategy.