Learn@IoD
Cart

IMHO: Cybersecurity, reputation and tough calls

type
Article
author
By Kirsten (KP) Patterson, Chief Executive, IoD
date
20 Feb 2025
read time
3 min to read
IMHO: Cybersecurity, reputation and tough calls

OPINION: Being a director is about more than just making smart business decisions. It’s about protecting the organisation’s reputation, managing risk and sometimes making the tough call to step aside – even when you feel you’ve done nothing wrong.

The recent resignation of Carlton Football Club president Luke Sayers in Australia is a stark reminder of these realities. Sayers denied posting a lewd image to his public social media account and an independent AFL inquiry found his X (Twitter) account had been compromised. He fully cooperated with the investigation and the AFL concluded the image was posted by an unauthorised person, not Sayers. Despite being cleared of wrongdoing Sayers stepped down in the bests interests of the club. 

This case raises serious questions for New Zealand directors. Are we taking cybersecurity and device security seriously enough? Do we fully understand that personal reputations are inseparable from the organisations we serve? And are we prepared to act decisively when the best interests of the organisation demand it?

Cybersecurity is a boardroom issue

The digital age has brought new vulnerabilities to the boardroom. Whether it was a hacked device, a deliberate attack, a stolen message or a misplaced phone, the result is the same: a leadership crisis. If a director’s personal device is compromised, and that breach spills over into the public domain, the fallout doesn’t just affect them – it affects the entire organisation.

New Zealand directors need to ask themselves:

    • Are we confident our board members and executives are using secure devices and communication channels?
    • Do we have clear protocols for managing cybersecurity risks at the governance level?
    • How would our organisation respond if a director’s personal digital security failure became a public issue?

Reputation is everything 

Perhaps the most striking aspect of the Sayers case is that he was found to have done nothing wrong. The club’s independent investigation cleared him, yet he still stepped down. Why? Because as a leader, his duty wasn’t just to himself, but to the organisation.

This is a director’s reality. There’s often a natural instinct to “fight it out”, to insist an investigation’s findings should be enough. But the real question isn’t about fairness to the individual – it’s about what’s best for the organisation.

When a director’s personal situation dominates headlines, boardroom discussions and stakeholder conversations, it becomes a distraction from the organisation’s mission. And at that point, the right decision – however painful – may be to step aside.

For New Zealand directors, this raises some uncomfortable but necessary governance questions:

    • Do we have clear criteria for assessing when a director’s continued presence is damaging to the organisation?
    • Are we prepared to have tough but fair conversations when a board member’s reputation becomes an issue?
    • Do we see resignation as an act of responsibility rather than an admission of guilt?
      It’s not about whether someone is innocent or guilty in the public eye. It’s about whether the board can continue to function effectively with them in the room.

Crisis preparedness – not just for management

Governance today isn’t just about strategy and oversight – it’s about managing risk in a world where personal and professional boundaries are increasingly blurred. Many boards aren’t nearly as prepared for director reputation events as they are for management-level issues. 

New Zealand boards should take this as a wake-up call: crisis preparedness isn’t optional – it’s essential. Too often, organisations wait until they’re in the middle of a crisis to figure these things out. By then, the damage is already done. The best boards don’t just react to crises – they plan for them.

Are you ready?

*AI assisted in the creation of this article

KP is the Chief Executive of the Institute of Directors. She is a qualified lawyer and a Distinguished Fellow of the Human Resources Institute of New Zealand. Her governance roles include:

Chair, Global Network of Directors Institutes (GNDI)
Chair, Brian Picot Ethical Leadership advisory board
Trustee, Voices of Hope
Board member, XRAP Advisory Panel, External Reporting Board (XRB)
Ambassador, Wellington Homeless Women’s Trust. 
With extensive governance and leadership experience, she is actively involved in community initiatives.

A strong advocate of diversity, KP was also a founding member of Global Women’s ‘Champions for Change’, a group of senior executives and directors who commit to diversity in the workplace, and a founding member of WiSPA, an organisation promoting women in sport, and mentors a number of business leaders. KP was also previously Director of the NZ Rugby Foundation.

Related content