Emergency Incident ResponseReport a Confirmed or Potential Breach? Call +1 770-870-6343
0 Results Found
              Back To Results

                Board Oversight of Cybersecurity Risk: A Framework for Inquiry

                A tool for improving cybersecurity risk reporting and board-management discussions

                According to the National Association of Corporate Directors, 31% of board members surveyed are dissatisfied with the quality of cybersecurity information provided by management.1

                Boards of directors are seeking to engage with the cybersecurity strategy and monitor the risks more closely, but they face significant challenges. Recent court rulings provide some guidance, but there is no definitive standard for what constitutes "reasonable board oversight" of cybersecurity risk. Likewise, chief information security officers (CISOs) often struggle to determine what information is most useful to present to the board. When the two parties do meet, emerging issues like ransomware and Cloud security often steal the show, while the real rigor – a business-wide risk management program for cybersecurity – remains unaddressed. Both CISOs and board members alike can benefit from a dashboard of replicable metrics that help the board monitor risk and measure progress over time relative to corporate strategy and tolerance.

                This white paper is a tool for improving the board-management dialog on cybersecurity risk management. It contains a Framework for Inquiry, a non-prescriptive exercise that can help boards and management work together to craft a common operational picture for reviewing risk levels, measuring effectiveness, and prioritizing investment over time.

                1 *Source: NACD 2015-16 Public Company Governance Survey

                Like what you're reading?
                Just a few questions to get started


                Select Role:

                • Board of Directors
                • CEO / CFO / COO
                • CISO / CSO
                • CIO / CTO
                • IT / IS / Security VP/Director
                • IT / IS / Security Manager
                • IT / IS / Security Staff
                • IT / IS / Non-Security
                • Risk / Legal / Compliance / Finance
                • Sales / Marketing
                • Press / Industry Analyst
                • Student

                Select Country:

                • Select an item

                Select State:

                • Select an item

                Select Annual Revenue:

                • ≥ $500M
                • $100-$499M
                • ≤ $100M

                Select Industry:

                • Banking
                • Business Services
                • Credit Union
                • Education
                • Finance
                • Government
                • Health Care (Non-Hospital)
                • Heavy Industry
                • Hospitality
                • Hospitals
                • Insurance
                • Legal
                • Manufacturing
                • Media
                • Membership Organizations
                • Retail
                • Technology
                • Telecom
                • Transportation
                • Utilities
                • Other

                Current Security Environment?:

                • Managing In-House
                • Managing Externally (3rd Party)
                • Blended Model (In-house and 3rd Party)
                • Not sure

                Select Next Security Initiative Timeframe:

                • 0-3 months
                • 3-6 months
                • 6-12 months
                • 12-24 months

                Select Our Greatest Security Challenge:

                • Securing the Cloud
                • Assessing security posture
                • Optimizing Security Operations
                • Protecting critical assets
                • Meeting & maintaining compliance
                • Preventing a data breach
                • Access to actionable security intelligence
                • Access to security expertise
                • Preparing & responding to an incident

                Interested in learning more

                Currently Looking for Assistance With (Select all that Apply)

                Select Best time to call:

                • Early morning (8-10am EST)
                • Late morning (10am-12pm EST)
                • Early afternoon (12-3pm EST)
                • Late afternoon (3-5pm EST)

                Secureworks News :

                Related Content