A Cyber Security Framework the Board Will Understand

From the BCI:

There is no doubt that cyber security has taken a front-row seat in businesses of all shapes and sizes. This is even more true for companies that are governed by a Board of Directors, where members of the Board can now be held personally liable for failures that release personal data of staff or customers.

Further, the environment in which companies operate has become far less forgiving. In the Ponemon Institute’s 2020 study, the average cost of a data breach was estimated to be USD3.86 million globally, and USD2.15 million in Australia.

Board members understand this impact and want to support their cyber and risk teams, but are often not well versed in the technology or terminology.

Framing the Conversation
Nick Scholefield, former CIO at financial services company Perpetual and current Chief Operating Officer for Cloud Managed Services and Technology at Interactive, understands the dilemma. Having reported to CEOs and Boards for APRA-regulated and privately held businesses, he says the way a Board receives information is critical to its ability to engage and provide support.

“The Board wants cyber risks in a framework that they understand. To do so, we need to move away from the technology and separate the risk from the issue, the event and the impact. The risk is not that you suffer from a cyber event, but losing customer data may be breaching a legislative requirement or suffering reputational damage is the real risk. Start there and then share the controls you have in place to mitigate these risks and how you measure the success (or otherwise) of those controls.”

For more information and tools check out Communicating cyber security in a language the Board understands.
