Boards play a crucial role in ensuring an organization’s cybersecurity strategy is effective and aligned with its business objectives.
In the last installment of a three-part series from our partner at Bitsight, we have compiled a list of the top five cybersecurity questions boards should consider.
- Which executive(s) are responsible for cyber risk, and how often are the executive committee and the board briefed on cybersecurity?
- At what point during a cybersecurity incident would the board be engaged?
- Are we communicating our cybersecurity performance to all stakeholders? If so, what are they being told?
- Have we quantified our cyber risk in financial terms (and under what scenarios) so that we can make informed decisions about risk mitigation and risk transfer?
- What measurements does the company use to determine whether our investments in cybersecurity are reducing our risk in a cost-effective manner?
Cybersecurity risk is now a mainstay of corporate risk management and director responsibilities. Persistence and vigilance, alongside the right software solutions, education, preparedness and transparency, are key to ensuring that a holistic program of cyber protection and resilience is in place.
Bitsight Security Ratings are found in Glass Lewis’ Proxy Papers® for covered companies. These ratings (ranging from 250 to 900) indicate cybersecurity performance, with higher values denoting better performance. Glass Lewis and Bitsight together offer a personalized cybersecurity risk evaluation to help you understand your cyber risk profile, evaluate the potential financial impact of cyber events on your organization, and develop your approach to discussing cybersecurity with investors and other stakeholders.