https://www.helpnetsecurity.com/2020/04/21/quantifying-cybersecurity/
Cybersecurity is not a foreign concept to the Board of Directors. It is just so often not an understood topic. Parallel in importance to operational excellence, Cybersecurity is there to ensure business operations continue to exist beyond the moment.
Got it. So where is the Cybersecurity difficulty at the Board level regarding my organization. While each Board member can likely reiterate stories of breaches and Ransomware they have read about in the news it is just that, someone else’s problem. The breach didn’t occur here.
Compounding the issue, Board members are brought on for their specific areas of expertise. “Regulatory affairs, government relations, legal, finance and bank ties, connected to desirable client prospects.” What is lacking 99% of the time? Cybersecurity expertise focused on ensuring business continuity and protection of client’s and the organization’s data.
Why is this true? This is the way we have always done it. Breaches happen to others. We feel immune because we are too big, too small, not interesting to the threat actors, what do we have that attackers would want, we’ve never been breached yet, too expensive?
Misunderstanding at the Board level will continue until Cybersecurity experts are added and Security Awareness training is provided for other Board experts.
Back to the original question, “How do we quantify Cybersecurity for the Board of Directors?” Until we place Cybersecurity experts on the Board who can qualify and quantify information they are provided this will continue to be an exercise in formality. Formality is for show. Actionable information presented to a knowledgeable group of advisors will facilitate effective and informed decisions.
Digital Assurance Advisors provides consultation to the Board to help navigate the complex area of Cybersecurity. That is our specific area of expertise. Contact us today for a free initial consultation.
Rick Howard https://digassurance.com/Pages/profile-rick-howard.htm
Greg Duckert https://digassurance.com/Pages/profile-greg-duckert.htm
Chris Kolenda https://digassurance.com/Pages/profile-chris-kolenda.htm