Cybersecurity for boards – the short story

A few days ago I wrote a post on the lack of cybersecurity skills in corporate boards, and how to fix that. This became one of the most popular posts on the blog. That’s why I created this short summary video – that you can easily share with your top management and board members.

The take-aways are:

  • Build an information security management system with the most important policies, guidelines, procedures, change mangement and monitoring processes in place
  • Select reporting metrics that make sense in terms of the company strategy. Relate impact to financial, customer, organnization and learning, and internal process perspectives.
  • Use compliance to drive board focus: regulatory compliance is already central in goverannce work.
  • Focus on people when communicating – build a positive security culture by combining bottom-up and top-down approaches.

Thanks to Kenneth Holley and eForensics Magazine for sharing the board post! Great accounts to follow on Twitter!

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s