Directors Must Understand Their Organisation’s Cyber Risks

Cyber attacks have become the number one security threat that all businesses and organisations must now get to grips with, and increasing the profile of cyber security in the boardroom has become a very important factor for all organisations over the last decade.

Often directors say, and believe, that cyber security is an IT problem and is the responsibility of the IT Director and their Department, even though roughly three-quarters of directors say their boards have discussed the company’s crisis response plan in the event of a major cyber security breach. 

What has also become apparent in the last decade is that, although the board is aware of the security issues relating to cyber, this is now a full board responsibility and has to be completely understood by all directors, not just by their IT director.

Boards of directors must comprehend and engage with the threat profile, especially the one facing the industrial or commercial sector in which their particular business operates.

Methods for assessing cyber security risks continue to change and evolve, and there has been some security help from insurance companies, but nothing can replace informed decision-making at the executive level. Understanding and comprehending a focused cyber security audit of your particular company should now be part of the Board's work. This also requires proper cyber security training for the Board and the company's employees.

Becoming literate in cyber risk doesn’t mean that all executives need to become technical experts. What it does mean is that they need to be able to establish their company’s tolerance for cyber risk, define the outcomes that are most important in guiding cybersecurity investment and be able to foster a culture of cybersecurity and resilience.

Get the Cyber Audit Your Organisation Needs

For an assessment to be useful to directors in a strategic capacity, the board needs to be clear about its requirements, which means it needs to know what kinds of elements and structures it needs to discuss. Directors should ask for a comprehensive assessment that each of them individually comprehends in more than outline. Cyber security directors and/or managers should work with their senior leadership and boards to provide context and use an assessment as a tool for sharing the knowledge the board needs to provide effective oversight.

Cyber security training needs to take place within all organisations in order to significantly reduce the chances of success for criminals who are using cyberattacks and hacking methods to steal your data, money, company secrets and login information.

Currently cyber criminals are after identity resources such as social security numbers, credit card information and login credentials. These can be used to impersonate or steal directly from the organisation. Cyberattacks are being used to steal from, monitor and influence most organisations via their management and employees.

Cyber Attacks And Fraud

Cyber-attacks cost US businesses over $650 billion in 2019, and UK businesses have lost almost $40 billion in the past 12 months due to cyber security attacks, hacks and related security incidents.
The insurer found 55% of businesses had faced an attack in 2019, which is an increase from 40% in 2018. Currently almost 75% of firms are ranked as early starters in terms of cyber readiness.

Directors and Executive Boards are often ignorant of the dangers of hackers, as they rely on and are confident in their IT Department's ability to keep their organisations safe. It's time for them to take up the responsibility.

PWC: Harvard Business Review: Quartz: TechTarget: Diligent Insights: CSO Online

For cost-effective advice on your organisation's cyber security and training needs please contact Cyber Security Intelligence and we will recommend the right Cyber Training programmes and Cyber Audit format for your organisation.

An excellent cyber security training program for organisations to consider is GoCyber.
