Boards and Management Must Work Together to Strengthen Cybersecurity

Identify cybersecurity communication gaps and ways to close them.With both boards and management concerned about the effect lax cybersecurity can have on a company, it is essential that both groups work together to close communication gaps on the subject and continue toward the goal of effectively protecting the organization’s information assets. Common Communication Gaps Is your board fully informed? Communication is a two-way street, and this is the starting point for many communication gaps between management and the board. We often find that boards are simply uninformed or, worse, have a false sense of security because management reports focus on achievements over risk reporting. Boards and executive leadership fulfill the responsibility, on behalf of the organization, to make informed decisions involving investments, strategic direction and more. The risk tolerance or appetite must be established by those very same stakeholders in an effort to balance the resources and priorities at their discretion. If leadership committees lack an appreciation of where residual risk exists across the operational control footprint, they cannot fulfill their duty to navigate the organization through efforts to improve the cyber risk posture. Organizational gaps. Management is naturally inclined to present positively slanted perspectives relating to their functional responsibilities and therefore too often avoid the “difficult” conversation. As a result, leadership’s perspect...

Other related article