Quick tips to improve your board's cybersecurity awareness
Boards of directors have a legal responsibility to protect their corporations against Business Risk, in particular, safeguarding assets and shareholder value. However, sometimes if you are a CISO, it is a challenge to communicate your priorities to the board. We provide you here with some quick tips to ensure your board knows more about cybersecurity and how to act upon it.
- Encourage your board to focus on risks, not on security. Speak the language of the board, which is the risk terminology
- Provide context and comparison. Your board would naturally like to benchmark their performance against the industry. What is the norm? Are we doing well? How much is it reasonable to spend?
- Develop KPIS and storytelling. Again, whatever KPIs are right for your company, make them relevant to risk.
- Change how we think about Cyber. In the same way that sometimes you feel ill, sometimes you do get breached. It will happen, eventually, so you will need to prepare a remediation plan and move forward. You would not go without health insurance- isn’t it?
- Change how you talk about cyber. Speak the language of the board, we couldn’t reiterate more. The board is concerned about price to earnings ratios, new product launches etc. Make sure you relate to these concepts when you put forward things like budgets requests.
- Ensure there is a comprehensive data protection policy, and that your incident response plans are tested
- Ensure the board is engaged in cybersecurity. This demonstrates how the board is meeting its duties
- Put resources in place and make sure you provision for things like cyberinsurance.
- Use the news headlines as teachable moments for the board audience. ‘’It could have been us’’.
Understanding cybersecurity is no small task. If you have any questions do not hesitate to contact us for a chat.
- What is Email Phishing and how to detect & prevent phishing emails?
- Cyber Essentials Scheme Patching Requirements
- Cyber Essentials Plus Checklist
- What is Cyber Essentials and What has changed in 2020
- How Do I Pass Cyber Essentials plus Certification?
- Why is Cyber Essentials Important?
- The Essential Cyber Hygiene for your business
- Why do you need a SIEM?
- Deadline for the Cyber Essentials Voucher
- Solving the problem of the cyber security skills gap
- How to make of your employees the best line of cyber defence against cyberattacks
- What is Phishing and what can you do to prevent it?
- October, National Cyber Security awareness month
- Guest blog- A career in Information security or Cyber security
- Top 5 Anti-Virus Software
- Tech Jargon Buster. Understand the tech lingo so you pick the right thing for your company
- Caught you watching p*rn!
- Equifax Data breach
- Secure Your Supply Chain
- Case study: British Airways Fined £183.4million for Data Breach
- How to apply for the Cyber Essentials Voucher Scheme
- Everything you need to know about Cyber Essentials
- 6 Quick and Easy Email Security Tips for Dummies
- How to carry out an email phishing test?
- 10 Steps to Cyber Security explained
What is Email Phishing and how to detect & prevent phishing emails?
Email Phishing is a form of social engineering. Phishing is the method of sending a deceptive email to make the recipient reveal sensitive information, click on a link or download a malicious file.More
Cyber Essentials Scheme Patching Requirements
You heard of the Cyber Essentials scheme. If not here Everything you need to know about Cyber Essentials. Patch management is one of the key technical controls of the Cyber Essentials Scheme.More
Cyber Essentials Plus Checklist
The UK government introduced the Cyber Essentials accreditation/certification in 2014 to protect the businesses being a victim of cyber attacks.More
What is Cyber Essentials and What has changed in 2020
You have heard about Cyber Essentials. Either one of your tenders documents asked for it or a client of yours asked for it or you just want to go through the process and achieve the certification.More
FOR LATEST UPDATES SUBSCRIBE HERE: