At Willow Street Group, our team is comprised of professionals that have global expertise across multiple industries and disciplines. We leverage this depth of experience to meet the diverse needs of each family that we work with.

Willow Street Group board member, Phil Harrington, recently spoke on the “Board’s Changing Role in Overseeing Risk” during the Conference Board’s annual Risk Management and Resilience Seminar in New York.

Speaking to an audience of senior executives and fellow board members, Harrington focused his remarks on fast-emerging cyber threats. Against such threats, Harrington said that independent directors would well-serve their companies by pressing management on basic “blocking and tackling” questions in relation to a company’s cyber risk profile. He said directors need not necessarily have deep technical expertise in order to effectively oversee a company’s cyber risk profile.

Harrington referenced the recent “WannaCry” ransomware that attacked companies around the globe to illustrate his point. Even though the attack itself was malicious, Harrington said companies left themselves unnecessarily exposed through basic failures including not timely installing software patches, continuing to run unsupported software, and failing to backup critical data. He said that had boards pressed management on even the most basic cyber risk mitigants, they would have likely reduced the probability of a successful WannaCry or similar attack. Harrington gave several other examples, underscoring his belief that the vast majority of damaging cyber events had root causes that were internal and self-inflicted rather than external and malicious.

In addition to his Willow Street Group role, Harrington is a senior managing director at Brock Capital Group where he serves as an independent fiduciary to large U.S. pension funds. He is also an independent director at ProLink Solutions, Inc., and serves as an expert advisor on cyber resiliency to the World Economic Forum.