Cyber risk at every level of the business influences operations, reputation, and compliance. Cybersecurity is a big deal, so board oversight is pivotal for effective mitigation.
However, according to a recent National Association of Corporate Directors (NACD) survey, fewer than 15% of directors express high satisfaction with the cybersecurity information that management provides. Here are some tips for improving board-level discussions on cybersecurity.
What your board needs
Boards provide strategic oversight while management handles execution, which includes cyber risk management. Regardless of industry, regulations, or geographic footprint, boards generally want management to translate technical details into business terms that highlight risks, opportunities, and strategic implications.
Here are questions board members should ask CISOs (and the questions CISOs should be able to answer clearly):
- What is our cyber risk appetite?
- What are the most important metrics we use to monitor and evaluate risk to the company?
- What is the business case for cybersecurity? Put another way, how can cybersecurity enable…