Board Directors' Adaption to the New Digital Revolution (£)

Uploaded on 2016-02-15 in Directors Reports

Boards need to discuss the level of cyber risk tolerance for various assets and threats, how cybersecurity is factored into business decisions and business relationships particularly if you use aspects of the Cloud.

What were the cyber incidents and attacks that have taken place in our areas of business and how have we reacted? What have the different departments done to control, adapt and learn from the security, marketing and PR affects. And what were the discussions in the IT area and how have we re-vamped our security to adjust our capabilities?

The Relevant Questions

  • Discussion and a review of the business structure as it relates to the electronic world and the clarity of the IT’s functions and commercial purpose is vital in the new Digital Age.
  • The Board should determine how effective the CISO is at performing his/her job and the understanding that the Board in general has of the IT function and its responsibilities – how well has it done over the years and how has it changed to meet the new needs and strategy?

Understanding and anticipating these questions can help communicate more clearly with executives, implement cybersecurity initiatives and better position the organization for success.

You need to appreciate that it is not if but when you have and will be hacked. Setting up alternative systems that can be monitored for attacks is a positive deception system.

  1. Directors need to understand and approach cybersecurity as a company and market space management issue and no longer thinking cyber is just an IT problem.
  2. The Board must consider the legal issues of cyber in their market space.
  3. The Board must have access and discussions with cyber analysts.
  4. Directors should discuss the cyber opportunities for analysing their market space and related areas that may offer opportunities for their business
  5. Directors should be aware of the cyber insurance and cover that the business has and should consider.

Additional 5 Questions

5 additional questions CEO's should also ask about cyber risks

  • How often have the Directors been on a cyber course or had someone from outside the business discuss and present about the current level and business impact of cyber risks to our company?
  • How often has our industry/service area been attacked and what is considered the prime and secondary risks?
  • Does our organisation’s cyber security apply relevant current cyber security standards and best practices?
  • How many times and what kinds of cyber hacks is our business detecting weekly and how often is the Board informed about the attacks?
  • Do we have an independent standard for measuring our cyber hacking response and how often do we test it and have it independently tested?

For more information and any questions please email us at Cyber Security Intelligence.com

« Board Questions To The CIO (£)
Proposed UK Law Requiring Business To Disclose Cyber Attacks (£) »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Futurex

Futurex

Futurex is a globally recognized provider of enterprise-class data encryption solutions.

MonsterCloud

MonsterCloud

MonsterCloud is a leader in managed cyber security services. Our cyber security team constantly monitors and protects businesses from cyber threats.

Cyacomb

Cyacomb

Cyacomb (formerly Cyan Forensics) provides digital forensics software to help police forces find evidence on computers many times faster than before.

Cybersecurity & Infrastructure Security Agency (CISA)

Cybersecurity & Infrastructure Security Agency (CISA)

CISA leads the national effort to defend critical infrastructure against the threats of today and to secure against the evolving risks of tomorrow.

TCN

TCN

TCN is an advanced System Integrator and Infrastructure Company in Albania.

Zamna

Zamna

Zamna (formerly VChain Technology) is an award-winning software company building GDPR compliant identity platforms for the aviation industry.

Banshie

Banshie

Banshie is an independent cyber security company with a small team of recognized specialist that are among the best in their field.

Crypsis

Crypsis

Crypsis was built based on a shared vision of creating a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services.

Q-Net Security

Q-Net Security

Protect your critical networks. Q-Net Security make hardware that provides the strongest drop-in security for your existing critical infrastructure.

SecureStrux

SecureStrux

SecureStrux are a cybersecurity consulting firm providing specialized services in the areas of compliance, vulnerability assessment, computer network defense, and cybersecurity strategies.

Hudson Cybertec

Hudson Cybertec

Hudson Cybertec are an internationally recognized Subject Matter Expert for cyber security in the Industrial Automation & Control Systems (IACS) domain.

Infopercept Consulting

Infopercept Consulting

Infopercept is a leading cybersecurity company in India, providing a critical layer of security to protect business information, infrastructure & assets across the organization.

Wizard Cyber

Wizard Cyber

At Wizard Cyber, we simplify cyber security, delivering an advanced service that protects your high-risk assets from the complex threats that technology alone can miss, 24/7.

Sontiq

Sontiq

Sontiq is committed to providing best-in-class, highly scalable, award-winning identity security solutions to consumers, businesses and government agencies.

Hyperproof

Hyperproof

Hyperproof is a cloud-based compliance operations software. Launch new programs immediately, collect evidence automatically, and manage a compliance program intelligently.

Backslash Security

Backslash Security

With Backslash, AppSec teams gain visibility into critical risks in their apps based on reachability and exploitability.