Cybersecurity is a board level issue: 3 CISOs tell why

2020-02-11 06:00

As a venture capital investor who was previously a Chief Information Security Officer, I have noticed an interesting phenomenon: although cybersecurity makes the news often and is top of mind for consumers and business customers, it doesn't always get the attention it deserves by the board of directors.

Even on a macro level, security concepts might be difficult to fully understand, so a short and dedicated security training for the board can come in handy.

The board should operate on the notion that absolute security does not exist.

If a company is forming a security committee, Abousselham explains that committee members should be independent and with proper domain expertise to formulate and report an accurate opinion of the security risk posture to the board.

The good news is that asking the right questions, conquering communication gaps, measuring progress and treating security as a business risk will set the board up for success in improving the company's security standing.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/Wjyf2Y7A__w/

#ciso #cybersecurity