Directors Must Understand Their Organisation’s Cyber Risks
Cyber attacks have become the number one security threat that all business and organisations must now get to grips with and increasing the profile of cyber security in the boardroom has become a very important factor for all organisation over the last decade.
Often directors say, and believe, that cyber security is an IT problem and is the responsibility of the IT Director and their Department, even though roughly three-quarters of directors say their boards have discussed the company’s crisis response plan in the event of a major cyber security breach.
What has become also apparent in the last decade is that, although the board is aware of the security issues relating to cyber, this is now a full board responsibility and has to be completely understood by all directors and not just by their IT director.
Boards of directors must comprehend and engage with the threat profile and especially for the industrial and commercial sector that their particular business is engaged with.
Methods for assessing the cyber security risks continue to change and evolve and there has been some security help from insurance companies, but nothing can replace informed decision-making at the executive level. Understanding and comprehending a focused cyber security audit on your particular company should now be part of the Boards work. Also this requires proper cyber security training for the Board and the company’s employees.
Becoming literate in cyber risk doesn’t mean that all executives need to become technical experts. What it does mean is that they need to be able to establish their company’s tolerance for cyber risk, define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience.
Get the Cyber Audit Your Organisation Needs
For an assessment to be useful to directors in a strategic capacity, the board needs to be clear about its requirements, which means it needs to know what kind of element and structures that it needs to discuss. Directors should ask for a comprehensive assessment that more than in outline they individually comprehend. Cyber security director and or managers should work with their senior leadership and boards to provide context and use an assessment as a tool for sharing the knowledge the board needs to provide effective oversight.
Cyber security training needs to take place within all organisations in order to significantly reduce the chances and risks of criminal success that are using cyberattacks and hacking methods to steal your data, money, company secrets and login information.
Currently cyber criminals are after identity resources such as social security numbers, credit card information and login credentials. These can be used to impersonate or steal directly from the organisation and cyberattacks are being used to steal, monitor and influence most organisations via their management and employees.
Cyber Attacks And Fraud
Cyber-attacks have cost US businesses over $650 billion in 2019 and UK businesses have lost almost $40 billion in the past 12 months due to cyber security attacks, hacks and related security incidents.
The insurer found 55% of business had faced an attack in 2019 which is an increase from 40% in 2018. Currently almost 75% of firms are ranked as early starters in terms of cyber readiness.
Directors and Executive Boards are often ignorant to the dangers of hackers as they rely and trust the confident in their IT Department’s ability to keep their organisations safe. Its time for them to take up the responsibilty.
PWC: Harvard Business Review: Quartz: TechTarget: Diligent Insights: CSO Online:
For cost - effective advice on your organisation’s cyber security and training needs please contact Cyber Security Intelligence and we will recommend the right Cyber Training programmes and Cyber Audit format for your organisation.
An excellent cyber security training program for organisations to consider is GoCyber - click HERE to get a Free Trial.
You Might Also Read:
Cyber Security Training For Home & Mobile Working: