Threat ii another tomorrow
These are still issues, but cybersecurity is about more than just protecting data. Company execs worried about personal information being leaked, customer lists being stolen, and credit cards being used fraudulently. Cybersecurity is about more than protecting data.īack in the “old days,” protecting organizations from cyber incidents was primarily seen as protecting data.
Five things directors need to know about cybersecurity.
But 23% of respondents also said there was no board plan or strategy in place.īuilding on our findings, we developed the following recommendations for what Boards of Directors need to know, actionable steps directors can take, and smart questions you should ask at your next meeting. Providing guidance to operating managers or C-level leaders was seen as the board’s role by 41% of respondents, participating in a tabletop exercise (TTX) was mentioned by 14% of the respondents, and general awareness or “standing by to respond should the board be needed” was mentioned by 23% of Directors. While 50% of respondents said there had been discussion of the board’s role, there was no consensus about what that role should be. When it comes to understanding the board’s role, there were several options. Unfortunately, 9% said it wasn’t something their board discussed. We asked directors how often cybersecurity was discussed by the board and found that only 68% of respondents said regularly or constantly. We conducted a survey to better understand how boards deal with cybersecurity.
THREAT II ANOTHER TOMORROW HOW TO
Many directors know this, but still seek answers on how to proceed. They must be knowledgeable leaders who prioritize cybersecurity and personally demonstrate their commitment. Directors can no longer abdicate oversight of cybersecurity or simply delegate it to operating managers. For Boards of Directors (BODs), this requires developing new ways to carry out their fiduciary responsibility to shareholders, and oversight responsibility for managing business risk. We need new leadership approaches as we move into the next phase of securing our organizations. For every new technology that cybersecurity professionals invent, it’s only a matter of time until malicious actors find a way around it.