With the increase in cyberattacks and the need for an expert in information security for boardrooms is becoming a top business necessity. There are numerous cybersecurity executives who are ready to assume this prestigious role. Having such an individual in the boardroom is a valuable resource for both management and investors alike.
Many business executives view cyber security as an IT issue, rather than a strategic risk management issue. This is a grave error. As an executive in the business world you are responsible to safeguard your company’s assets and its assets. This includes minimizing risks to your family members and yourself.
This can be accomplished by providing education beyond your IT department. This involves regularly engaging with the C-suite in general and presenting security ideas in a manner that is easily understood without resorting to “geekspeak.”
For example when discussing cybersecurity concerns in the boardroom, a CISO should be willing to listen to any potential concerns of board members. This allows the CISO to analyze the risks and find a way make them compatible with the business benefits of the proposed strategy.
It is also vital that board members are aware of how to reduce their own risks. This includes regularly reviewing their email and web browser histories. They should use a device specifically designed specifically for this purpose to access the board portal of the company, and not a device that they use for Facebook or online shopping. Furthermore, CISOs should take the initiative to involve board members in the security training that is provided to all staff.