Christianna (“Christy”) Wood has over 30 years of experience managing institutional capital on a global basis in traditional and alternative asset classes. Currently, Christy is the Chair of the Board of the Global Reporting Initiative based in the Netherlands, the leading standard setter of global sustainability reporting standards. Previously, Christy was the CEO of Capital Z Asset Management, the largest dedicated sponsor of hedge funds, having sponsored 17 hedge funds totaling almost $7 billion. Ms. Wood was also the Senior Investment Officer for the Global Equity unit of the California Public Employees’ System (CalPERS), where she was responsible for over $150 billion in equity, bond and alternative assets. 
 Ms Wood has an MBA in Finance from NYU, and BA degree in Economics cum laude from Vassar College. She also attended the London School of Economics and University College, London. She is a Chartered Financial Analyst and a Chartered Alternative Investment Analyst.

Christopher P. Skroupa: How are disruptive events, such as cyber breaches, now elevated up to a governance challenge?

Christy Wood: Cyber security and cyber risk including breaches have now reached beyond the Audit Committee up to the whole board as part of the entire board’s oversight role. This is an important shift in response to an increase in high profile breaches in the US and across the world and most management and boards now conduct “table top” exercises to ensure readiness for cyber breaches. The governance challenge is that while cyber preparedness is a management responsibility, the board has a role to play in oversight. In particular, cyber breaches are becoming increasingly sophisticated and even the best computer security can be breached. Companies have moved from asking if they are under attack to assuming they will be hacked. Business leaders are increasingly concerned about their organizations’ ability to combat and recover from an attack both from the perspective of forensics tools, disaster recovery, business resumption and crisis management advice. The commitment to tackling these threats must come from the top with a clear focus on corporate governance and the development of a more vigilant culture.

Skroupa: How can boards make a difference in effectively managing the risks associated with a disruptive event?

Wood: Boards must ensure readiness for any disruptive event. This includes process, procedures and protocols for any such event and if necessary engaging with management ‘table top’ or mock exercises where procedures are practiced to prepare for a real event. Boards should consider scenario-based response guidelines that differentiate between emergencies (life threatening situations) from serious situations (threats to operations) from newsworthy situations (impacts to brand, reputation and stakeholder relationships.) Preparedness against climate risk is emerging as a high priority for leading organizations as the world’s leaders gather for the UNFCCC Conference of Parties (COP21). There is also further acknowledgement within financial markets that climate risk is real with the Governor of the Bank of England stating that, ‘The challenges currently posed by climate change pale in significance compared with what might come…leading to financial crises and falling living standards.’ State and non-State actors such as businesses can play a transformational role in mitigating climate risk by using globally accepted and credible standards, such as GRI Sustainability Reporting Standards, to identify and address their most significant environmental, social and economic impacts.

Skroupa: To what extent do boards need to manage special situations in defense of company reputation?

Wood: Boards need to be prepared and first mitigate reputation threats through robust risk management procedures. The recent surge in digital and social media has turned the tables on traditional communications practices and organizations must be equipped to respond to reputation issues quickly and with transparency. This is not exclusive to consumer facing organizations and rather, it is fundamental to building and maintaining trust with all stakeholders. The recent findings from the 2015 Edelman Trust Barometer demonstrates this by highlighting, ‘Three out of four institutions lose the global public’s trust leaving government as the lone institution to experience a slight uptick.’* Boards absolutely need to have public relations, crisis management and reputation specialists ready to advise in the case of such events – it takes decades to build trust but only moments to destroy it if managed incorrectly. There are some great examples of how organizations have harnessed potentially damaging situations to transform the way they operate by being transparent about their challenges and seeking multi-stakeholder input.