A Cyber Security Framework the Board Will Understand

From the BCI:

There is no doubt that cyber security has taken a front-row seat in businesses of all shapes and sizes. This is even more true for companies that are governed by a Board of Directors, where members of the Board can now be held personally liable for failures that release personal data of staff or customers.

Further, the environment in which companies operate has become far less forgiving. In the Ponemon Institute’s 2020 study, the average cost of a data breach was estimated to be USD3.86 million globally, and USD2.15 million in Australia.

Board members understand this impact and want to support their cyber and risk teams, but they are often not well versed in the technology or terminology.

Framing the Conversation
Nick Scholefield, former CIO at financial services company Perpetual and current Chief Operating Officer for Cloud Managed Services and Technology at Interactive, understands the dilemma. Having reported to CEOs and Boards for APRA-regulated and privately held businesses, he says the way a Board receives information is critical to their ability to engage and provide support.

“The Board wants cyber risks in a framework that they understand. To do so, we need to move away from the technology and separate the risk from the issue, the event and the impact. The risk is not that you suffer from a cyber event, but losing customer data may be breaching a legislative requirement or suffering reputational damage is the real risk. Start there and then share the controls you have in place to mitigate these risks and how you measure the success (or otherwise) of those controls.”

For more information and tools check out Communicating cyber security in a language the Board understands.

Continuity Insights
