
How to govern cybersecurity risk at the board level
2020-01-17 05:30

A report from University of California, Berkeley's Center for Long-Term Cybersecurity and Booz Allen Hamilton uses insights gleaned from board members with over 130 years of board service across nine industry sectors to offer guidance for boards of directors in managing cybersecurity within large global companies.

Board members largely agree they are just getting started with oversight of cybersecurity and believe the cyber risk environment is not stabilizing or likely to do so in a predictable way over the next few years.

"Until very recently, it was uncommon for boards of directors to address cybersecurity risk in a regular and disciplined fashion," said Bill Phelps, a Booz Allen executive vice president and leader of the firm's U.S. Commercial business.

The report identifies four "dynamic tensions" likely to shape board governance and oversight of cybersecurity.

These include an organization's overall risk model or mindset, the distribution of cybersecurity expertise on the board, the balance between cooperation and competition with other enterprises, and the model for information flows between management and the board.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/Y_chdb-H5Vs/