The article argues that cybercrime has moved from a technical concern to a core boardroom risk, likening its evolution to that of Anti-Money Laundering. It cites the Diligent 2025 Governance Trends Report and the Boardroom Resilience 2025 whitepaper to underline the scale and speed of the shift. Cybercrime costs are described as projected to rise by 50% by 2028 compared with 2024, although the precise monetary figures are not stated. The piece lists common impacts of cyber incidents, including stolen funds, data destruction, intellectual property theft, business disruption, reputational damage, and regulatory fines, and warns that boards that treat cybersecurity as a siloed IT issue are missing threats to valuation, strategy, and survival.
Drivers behind the heightened boardroom focus include the growing value of digital assets and the rapid expansion of attack surfaces. The article highlights that the most valuable companies are data centric and that a breach can wipe out core business value overnight. It specifically notes that generative Artificial Intelligence adoption has increased attack surfaces by 67 percent, creating more systems and vulnerabilities. A real world example given is a July 2024 CrowdStrike update that affected 8.5 million Microsoft systems. The article states insurance costs tied to such incidents are expected to rise but the exact expected amount is not stated, and it adds that if the CrowdStrike outage had been caused by a malicious attack the damage could have been double the observed impact.
The article concludes with practical steps for boards to adopt immediately. Recommended actions include treating infrastructure upgrades as high risk events, implementing robust change management for software and systems, using real time dashboards to monitor cyber posture continuously, ensuring cybersecurity is a standing item on board agendas, and engaging directly with chief information security officers and risk officers rather than only IT leads. The final thought stresses that, like Anti-Money Laundering before it, cybercrime has become a boardroom imperative and that failure to adapt risks not only fines but potential existential failure. References include a link to the Diligent corporate governance trends resource.
