“By having a dedicated person to handle all of an organization’s cybersecurity needs, it creates another pathway toward a more secure orientation.”
Q: Who in a company is vital for cybersecurity management? Seth Berman: Cybersecurity is everyone’s responsibility. The board and senior management must set the priorities and shape the culture, but even the lowest-level employee has to play his or her role in keeping the organization secure. Having said that, it is also crucial that the organization appoint someone in charge of this effort. In most organizations this person is either the Chief Security Officer (CSO) or the Chief Information Security Officer (CISO). This person must work closely the General Counsel (GC) to ensure that the organization’s cybersecurity protocols meet its legal requirements.
Q: What is the responsibility of the board of directors? SB: Boards must play a role in weighing cyber risk. This role is required of public company boards by the SEC and even non-public boards have been strongly encouraged to consider cyber risk as a part of their responsibilities by organizations and legislation such as the National Association of Corporate Directors…
