With the rise in cyberattacks, the need for a boardroom information security expert is now a pressing business imperative. There are numerous cybersecurity executives who are prepared to step up to this prestigious task. A cybersecurity executive in the boardroom can offer valuable advice to management and investors.
Unfortunately, many business leaders consider cybersecurity to be an IT issue rather than a strategic risk management concern. This is a grave error. As a business executive, you are responsible for safeguarding your company and its assets. That includes limiting the risk to yourself and your family.
This can be accomplished by providing education beyond your IT department. This means staying in constant contact with the C-suite in general and presenting security concepts in a manner that is easily understood, without using "geekspeak."
For example, when discussing cybersecurity concerns in the boardroom, a CISO should be willing to listen to any possible concerns of the board members. This gives the CISO the opportunity to assess the risks and strike a balance between them and the business benefits the board wants to achieve.
It is also crucial for board members to know how they can mitigate risks themselves. This means regularly checking their email account and internet browser history. Furthermore, they should only access the company's board portal with a device dedicated to this purpose, not the one they use for surfing Facebook or shopping online. CISOs should also ensure that board members are included in the regular security training offered to all employees.