Directors have a new risk to take into account when drafting and/or reviewing their company’s risk policies and procedures: cyber security risk. Cyber security risk may have reputational as well as financial impact on a company and it is a risk which is constantly evolving. Accordingly, regular security assessments, the encryption of data and installing a firewall have become a must for today’s corporate entities in order for these to protect their clients and their data.