Six Things Every Board Member Should Know About Cyber Security (£)
Commercial security and cybersecurity are no longer IT problems and that has been the case for some years, however most organisations are un-aware of the deeper problems that do not get reported and sometimes do not get researched and secured.
The first four items that Directors should discuss and understand are:
1. There must be Board level plans strategizing cybersecurity.
2. The security issues within the business sector you are in must be explained to the Board and often up-dated.
3. There should be external reviews undertaken to establish the corporate cyber risks that the business is subject to.
4. The Board should be made very aware of where the crucial business information is kept for instance what are the security methods for protecting HR data on all employees.
The Board’s CEO and CIO and IT managers should hold meetings and discuss the areas of cyber and the last two issues are such points as:
5. What are the rules concerning BYOD – bring your own devices to and from work and what information is allowed to leave the office.
6. How much of your organisation’s information is kept in the Cloud and what are the security and Insurance issues related to this data – how well protected is it?
Often organisations are unaware of how much data is kept in the Cloud and they are frequently unaware of who is in charge of its security and how well protected it is.
Board level Directors of all types should make themselves aware of the common cyber security problems that are affecting industry and in particular the industry sector that your organisation works within.