It is getting even more difficult to become a director at Target.
Recently, Institutional Shareholder Services (ISS), a proxy adviser, suggested that seven of 10 directors at the retail giant be removed from office because the board of directors did not do enough to prevent a massive data breach.
Boards are going to become more active in addressing cyber-risk management, as a result of the Target breach, he said. That means the board will look more carefully at what controls are in place to prevent and detect data breaches. They need to ask what the vulnerabilities are, and whether a company has an incident response plan in place. If a breach takes place, the board has to be involved with any investigation and find out what happened, how it was fixed and ensure it does not happen again, Breaux said.
“The material impact of a cyber-incident is much, much greater than people have historically believed,” Breaux said.