The National Cyber Security Centre (NCSC) has published a cyber security toolkit for boards, sending a strong message to boardrooms that they must "get to grips" with cyber security.
The toolkit provides a general introduction to cyber security and practical advice. Each section addresses what the board should do, what the organisation should do and what good looks like. It also summarises the legal and regulatory aspects of cyber security.
"Board members don't need to be technical experts, but they need to know enough about cyber security to be able to have a fluent conversation with their experts, and understand the right questions to ask," the reports says.
New regulations (such as GDPR) as well as high profile media coverage on the impact of cyber incidents, have raised the expectations of partners, shareholders, customers and the wider public, it notes. "Quite simply, organisations - and Board members especially - have to get to grips with cyber security."
"There is excellent practical advice not just for board members, but also risk managers, and I would strongly recommend our members read this report and draw it to the attention of their board," commented Julia Graham, Airmic's technical director and deputy CEO.
"The report stresses that cyber risk cannot be managed in isolation and must be integrated into organisational risk management and decision making. It also recognises that successful cyber risk management will facilitate more innovation, not less. These are really important messages."
Click here to download the report.