How to speak to your board about cybersecurity.
Welcome to Cyber Security Today. It’s Monday October 5th. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. To hear the podcast click on the arrow below:
As part of Cybersecurity Awareness Month I’ve been talking to security leaders about problems organizations face and how to solve them. One of them was Frank Downs, senior director of cybersecurity advisory solutions for ISACA, an association that offers information security and risk management training to IT professionals. We chatted about how to talk to managers and boards about cybersecurity. You can hear more from him tomorrow at the MapleSec online cybersecurity conference being hosted by IT World Canada. The conference starts at 11 am today and registration is still open. But here’s a summary of what he told me:
Boards and management need to know what risks the organization faces. Cyber attacks are one of those risks. But to understand the cyber risks the IT department has to first do a risk assessment of the firm’s security controls. That helps everyone understand where the organization is weak, what it will take to make it stronger…
