Quick tips to improve your board’s cybersecurity
Boards of directors have a legal responsibility to protect their corporations against Business Risk, in particular, safeguarding assets and shareholder value. However, sometimes if you are a CISO, it is a challenge to communicate your priorities to the board. We provide you here with some quick tips to ensure your board knows more about cybersecurity and how to act upon it.
- Encourage your board to focus on risks, not on security. Speak the language of the board, which is the risk terminology
- Provide context and comparison. Your board would naturally like to benchmark their performance against the industry. What is the norm? Are we doing well? How much is it reasonable to spend?
- Develop KPIs and storytelling. Again, whatever KPIs are right for your company, make them relevant to risk.
- Change how we think about Cyber. In the same way that sometimes you feel ill, sometimes you do get breached. It will happen, eventually, so you will need to prepare a remediation plan and move forward. You would not go without health insurance- isn’t it?
- Change how you talk about cyber.Use simple language that board can understand and be clear on what and why and explain the risk, we couldn’t reiterate more. The board is concerned about price to earnings ratios, new product launches etc. Make sure you relate to these concepts when you put forward things like budgets requests.
- Ensure there is a comprehensive data protection policy, and that your incident response plans are tested
- Ensure the board is engaged in cybersecurity. This demonstrates how the board is meeting its duties
- Put resources in place and make sure you provision for things like cyber insurance.
- Use the news headlines as teachable moments for the board audience. ‘’It could have been us’’
Understanding cybersecurity is no small task. If you have any questions do not hesitate to contact us for a chat.
- Why is Cyber Essentials Important?
- TechForce Cyber COVID-19 assistance
- The Essential Cyber Hygiene for your business
- Why do you need a SIEM?
- New Year cyber security recommendations
- How to uncover network vulnerabilities
- Protecting your identity online
- What is a VPN and why do you need one?
- Password Management Software
- How to make of your employees the best line of cyber defence against cyberattacks
- Certificate management processes
- What is Phishing and what can you do to prevent it?
- Found malware, now what do you do?
- Data breaches and other scary 2019 events- Special Halloween post
- How to get your cyber security budget approved by the board
- The TechForce Sponsorships
- How to start a career in the security industry
- Protecting your business in the cyber security era
- Secure Your Supply Chain
- Case study: British Airways Fined £183.4million for Data Breach
- The Silver Bullet in Cyber Security
- Invoice fraud email scams and Office 365
- How to apply for the Cyber Essentials Voucher Scheme
- What is Business Email Compromise (BEC) and how to stop it
- Cyber Essentials Demystified
- How to choose a Security Awareness Platform
- 6 Quick and Easy Email Security Tips for Dummies
- Hackers On Tour
- How to share passwords safely in your Small Business
- In the news - Warning. North Sea firms likely already attacked
- 10 Steps to Cyber Security
- 6 Top Tips to Prevent Cyber Attacks
Why is Cyber Essentials Important?
More often than not customers ask us the question ‘Why is Cyber Essentials important?’ or ‘Why do we need Cyber Essentials Certification?’More
TechForce Cyber COVID-19 assistance
We are facing one of the biggest challenges we have ever seen. COVID19 sweeping the country. At TechForce, we are trying to do our bit to help.More
The Essential Cyber Hygiene for your business
We hear about the Travelex, British Airways, Maersk and Equifax data breaches. Over 90% of these incidents can be prevented by following basic Cyber Hygiene for your businessMore
Why do you need a SIEM?
A SIEM is a security information event manager, which very simply means its software that manages events regarding information security, simple enough.More
FOR LATEST UPDATES SUBSCRIBE HERE: