Given the potentially disastrous ramifications of cyberattacks, it is becoming increasingly common for organisational boards and executives to share responsibility for the monitoring and implementation of security protocols. Here are some ways in which this can be achieved.
The importance of shared accountability
Security issues are no longer the sole responsibility of IT departments, given the potential risks they pose at various levels throughout organisations. Executives and boards will have greater resources, power and increasingly greater understanding of such issues. Boards should appreciate their importance in this area and ensure they strive for greater reporting to and within the upper echelon of the business to facilitate greater functionality and communication with CISCO and their IT department.
The evolving nature of cyberattacks means board members are often the target of breaches, such as when Colin Powell had his email hacked. Executives are therefore at risk and need to take a proactive role in their company’s security framework.
Have plans in place
It is pivotal to have protocol and action plans in place to deal with security issues as and when they arise. Endpoint security, such as file integrity monitoring software from companies such as https://www.promisec.com/file-integrity-monitoring-software/, should be in place, plus various other security mechanisms within the organisation’s infrastructure. Boards should work closely with IT departments to develop prevention plans in addition to response procedures that are regularly reviewed and updated.
Boards should endeavour to receive regular reporting and adequate benchmarks from CISCOs. Considering one-third of staff within boards are generally not happy with the level of information they are privy to regarding security, executives should make clear what is expected from reporting in terms of how, what and when to report.
Increased interaction will enable priorities and objectives to be discussed and built. The Economist Intelligence Unit suggests that eight variations of cyberthreats can be reduced by around 53 per cent with a robust security strategy that receives board level support.
Given the need for businesses to be future-driven and striving for innovation, it is important to acknowledge that security will need to evolve and adapt in line with any new changes and technology. With new developments come new risks; therefore, financial implications and potential security risks need to be evaluated and discussed between the board and IT departments.