Now Available!
Join Us On LinkedIn
Join the Cybersecurity and Incident Response Group on LinkedIn
My New Article on Cybersecurity and Boards of Directors
Most corporate boards fail to oversee cybersecurity with the same level of scrutiny as financial reporting. This needs to change.
Boards of Directors and Cybersecurity: Applying Lessons Learned From 70 Years of Financial Reporting Oversight
Most corporate boards fail to oversee cybersecurity with the same level of scrutiny as financial reporting. This needs to change.
Why are Companies and their Directors and Officers Still Behind on Cyber Security Oversight and Disclosure? | D&O Discourse
Yet surveys still say that, on the whole, directors aren’t sufficiently engaged, and companies aren’t providing directors with sufficient information and support. How in the world could that be so? Below, I examine two of the underlying problems, and provide solutions: (1) a suite of problems that I call “cyber freak-out,” and (2) an odd […]
Do boards of directors actually care about cybersecurity? | CSO Online
There’s no shortage of arguments that cybersecurity needs to be aligned with the needs of the business, or that security is now a “boardroom issue.” And it seems that a new report or study is issued every day that states that boards of directors are more involved with their organizations’ cybersecurity efforts than ever before. […]
Companies hope cybersecurity experts in the boardroom can counter hacks – LA Times
The board of directors at construction and engineering company Parsons Corp. needed to fill a seat two years ago. Naturally, they wanted someone with communication and leadership skills. They also needed someone new: an expert to help them battle computer hackers, cyberthieves, electronic spies, digital vandals and anybody else out to wreak havoc in a […]
Cybersecurity: Boards Must Ask Sharper, Smarter Questions – The CIO Report – WSJ
New guidance from the National Association of Corporate Directors suggests asking more searching questions of chief information security officers, including how they measure their teams and technology and whether they have ongoing contacts with the Federal Bureau of Investigation and other law enforcement bodies that investigate attacks. via Cybersecurity: Boards Must Ask Sharper, Smarter Questions […]
Cybersecurity on the agenda for 80 percent of corporate boards | CSO Online
Cybersecurity is a topic of discussion at most board meetings, according to a new survey of 200 corporate directors. The survey, conducted jointly by NYSE Governance Services and security vendor Veracode, revealed that more than 80 percent of board members say that cybersecurity is discussed at most or all board meetings. via Cybersecurity on the […]
My New Article on Cybersecurity and Boards of Directors
A summary and link to my new article on Cybersecurity and Boards of Directors.
Ten Cybersecurity Concerns for Every Board of Directors
Ten cybersecurity concerns boards of directors can use as a guide to elevate cybersecurity to a core enterprise-wide risk management item.
Preparing Your Board for Cyber-Security Oversight
My first guest column for Compliance Week is on “Preparing Your Board for Cyber-Security Oversight”
Preparing Your Board for Cyber-Security Oversight | Compliance Week
So what is the role of a board of directors amid all of this complex and bet-the-company workflow? Corporate directors clearly have a fiduciary duty to understand and oversee cyber-security, but there is no need for board members (many of whom have limited IT experience) to panic. via Preparing Your Board for Cyber-Security Oversight | […]
One CIO’s Guide to How Board Members Can Improve Cybersecurity – The CIO Report – WSJ
In this environment, any sophisticated and persistent attack against the company is almost guaranteed to succeed. But while a board of directors will have zero control over the threat, they can lead efforts to minimize consequences and make sure the business security and mitigation practices keep evolving to address new threats. via One CIO’s Guide […]
Homeland Security wants corporate board of directors more involved in cyber-security | Network World
Setting corporate cyber-security policy and taking actions around it must be a top concern for the board of directors at any company, not just the information-technology division, the Department of Homeland Security (DHS) indicated as a high-level official there backed a private-sector effort to raise awareness at the board level. via Homeland Security wants corporate […]
Boards Race to Bolster Cybersecurity – WSJ
After a series of high-profile data breaches and warnings, corporate boards are waking to cyberthreats, grappling with security issues they once relegated to technology experts. via Boards Race to Bolster Cybersecurity – WSJ
Cyber Security, Cyber Governance, and Cyber Insurance: What Every Public Company Director Needs to Know | The D&O Diary
Unlike many other aspects of directing the affairs of a public company (e.g., like overseeing its financial reporting function and obligations), “cyber” is new for many directors, and is certainly far from intuitive. For this reason, this article will focus specifically on the responsibilities of public company directors to oversee their company’s cyber security program […]