Most corporate boards fail to oversee cybersecurity with the same level of scrutiny as financial reporting. This needs to change.
Yet surveys still say that, on the whole, directors aren’t sufficiently engaged, and companies aren’t providing directors with sufficient information and support. How in the world could that be so? Below, I examine two of the underlying problems, and provide solutions: (1) a suite of problems that I call “cyber freak-out,” and (2) an odd […]
There’s no shortage of arguments that cybersecurity needs to be aligned with the needs of the business, or that security is now a “boardroom issue.” And it seems that a new report or study is issued every day that states that boards of directors are more involved with their organizations’ cybersecurity efforts than ever before. […]
The board of directors at construction and engineering company Parsons Corp. needed to fill a seat two years ago. Naturally, they wanted someone with communication and leadership skills. They also needed someone new: an expert to help them battle computer hackers, cyberthieves, electronic spies, digital vandals and anybody else out to wreak havoc in a […]
New guidance from the National Association of Corporate Directors suggests asking more searching questions of chief information security officers, including how they measure their teams and technology and whether they have ongoing contacts with the Federal Bureau of Investigation and other law enforcement bodies that investigate attacks. via Cybersecurity: Boards Must Ask Sharper, Smarter Questions […]
Cybersecurity is a topic of discussion at most board meetings, according to a new survey of 200 corporate directors. The survey, conducted jointly by NYSE Governance Services and security vendor Veracode, revealed that more than 80 percent of board members say that cybersecurity is discussed at most or all board meetings. via Cybersecurity on the […]
A summary and link to my new article on Cybersecurity and Boards of Directors.
Ten cybersecurity concerns boards of directors can use as a guide to elevate cybersecurity to a core enterprise-wide risk management item.
My first guest column for Compliance Week is on “Preparing Your Board for Cyber-Security Oversight”
So what is the role of a board of directors amid all of this complex and bet-the-company workflow? Corporate directors clearly have a fiduciary duty to understand and oversee cyber-security, but there is no need for board members (many of whom have limited IT experience) to panic. via Preparing Your Board for Cyber-Security Oversight | […]
In this environment, any sophisticated and persistent attack against the company is almost guaranteed to succeed. But while a board of directors will have zero control over the threat, they can lead efforts to minimize consequences and make sure the business security and mitigation practices keep evolving to address new threats. via One CIO’s Guide […]
Setting corporate cyber-security policy and taking actions around it must be a top concern for the board of directors at any company, not just the information-technology division, the Department of Homeland Security (DHS) indicated as a high-level official there backed a private-sector effort to raise awareness at the board level. via Homeland Security wants corporate […]
After a series of high-profile data breaches and warnings, corporate boards are waking to cyberthreats, grappling with security issues they once relegated to technology experts. via Boards Race to Bolster Cybersecurity – WSJ
Unlike many other aspects of directing the affairs of a public company (e.g., like overseeing its financial reporting function and obligations), “cyber” is new for many directors, and is certainly far from intuitive. For this reason, this article will focus specifically on the responsibilities of public company directors to oversee their company’s cyber security program […]