7 cyber security questions for boards
Jun. 1, 2016•0 likes•46,265 views
Download to read offline
Report
Business
The cyber security job is everyone's business including the Board of Directors, even without a cyber security degree. Recent cyber security news proves that. According to several studies, Boards are getting it wrong and are leaving cyber awareness and risk management in the hands of the CEO, CISO, CTOs and cyber security companies. In a sense they are abdicating their responsibility to the shareholders. This slideshare proposes 7 questions every board should be asking their company executives abour IT security. They're not necessarily all encompassing and don't take the place of real cybersecurity training, but will drive the discussion to better and more complete understanding of strategic risk. Questions cover the basics of cyber security training, cyber policies, who briefs and when at board meetings. Thanks.
Paul McGillicuddyFollow
Recommended
Cybersecurity Goverence for Boards of DirectorsPaul Feldman
Introduction to CybersecurityKrutarth Vasavada
Cyber attacks and IT security management in 2025Radar Cyber Security
Cyber Security and Data ProtectionStrategic Insurance Software
Information Security Awareness for everyoneYasir Nafees
Cyber Security PPT - 2023.pptxChandanChandu928137
More Related Content
What's hot
The Board and Cyber SecurityFireEye, Inc.
1. introduction to cyber securityAnimesh Roy
Information security awareness, middle managementhaneen Emeir, CISA, ISO27001
Cybersecurity 1. intro to cybersecuritysommerville-videos
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
Viewers also liked
Cyber security presentationBijay Bhandari
Cyber securitySiblu28
Cyber crime and security pptLipsita Behera
Introduction to Cyber SecurityStephen Lahanas
Top Cyber Security Trends for 2016Imperva
Cyber security-report-2017NRC
Similar to 7 cyber security questions for boards
WANTED – People Committed to Solving our Information Security Language ProblemSecurityStudio
How to Secure AmericaSecurityStudio
Board and Cyber SecurityLeon Fouche
Board and Cyber SecurityLeon Fouche
WANTED - People Committed to Solving Our Information Security Language ProblemEvan Francen
Windstream Cloud Security Checklist Ideba
Recently uploaded
Building An Awesome Company Culture with WordPressEng Chin Gan
RISKS & BENEFITS OF SUPPLIER CONSOLIDATION IN IT PROCUREMENTMarkit
State of the Cloud 2023 with Bessemer Venture Partnerssaastr
Zoning Code (PDF).pdfSeanRayner2
Top 10 Tax Return StrategiesDoshiAccountants1
2023-09 Bloomerang Academy Text Fundraising Presentation.pdfBloomerang
7 cyber security questions for boards
- 1. Cyber security questions for boards7 ???????
- 2. risk oversight is a function of the full Board…yet NACD DIRECTOR’S HANDBOOK SERIES 2014 EDITION
- 3. Did you know 50% OF BOARDS SEE Cyber Security AS AN I.T. ISSUE? PWC: US cybersecurity: Progress stalled, Key findings from the 2015 US State of Cybercrime Survey
- 4. That means 50% Are doing it wrong PWC: US cybersecurity: Progress stalled, Key findings from the 2015 US State of Cybercrime Survey
- 5. full Board involved in cyber risks =25% Good PWC: US cybersecurity: Progress stalled, Key findings from the 2015 US State of Cybercrime Survey
- 6. no Board INVOLVEMENT in cyber risks =30% Bad PWC: US cybersecurity: Progress stalled, Key findings from the 2015 US State of Cybercrime Survey
- 7. 26% OF BOARDS SAY CISO or CSO makes a presentation to the Board once a year UGLY PWC: US cybersecurity: Progress stalled, Key findings from the 2015 US State of Cybercrime Survey
- 8. 28% SAY their security leaders make no presentations at all. UGLIER PWC: US cybersecurity: Progress stalled, Key findings from the 2015 US State of Cybercrime Survey
- 9. What about 3rd Party vendors? PWC: US cybersecurity: Progress stalled, Key findings from the 2015 US State of Cybercrime Survey
- 10. 23% do not evaluate 3rd parties - that number is probably much higher PWC: US cybersecurity: Progress stalled, Key findings from the 2015 US State of Cybercrime Survey
- 11. cyber training is neglected KPMG Poll
- 12. only 50% of EMPLOYEES RECEIVE PERIODIC cyber TRAINING PWC: US cybersecurity: Progress stalled, Key findings from the 2015 US State of Cybercrime Survey
- 13. PWC: US cybersecurity: Progress stalled, Key findings from the 2015 US State of Cybercrime Survey only 50% of EMPLOYEES RECEIVE Initial cyber TRAINING
- 14. Cyber Security’s biggest obstacle? Cyberedge Group 2016 report
- 15. Low security awareness among employees Cyberedge Group 2016 report
- 16. So here are the 7 questions
- 17. How are key business processes affected by different types of cyber attacks? (i.e. Ransom ware, Denial of service, Data breach, etc) 1
- 18. Leads to discussion on what type of cyber security we have and why 1
- 19. Is our physical security adequate & is it congruent with our cyber security? 2
- 20. the two are interrelated NACD DIRECTOR’S HANDBOOK SERIES 2014 EDITION 2
- 21. who are our 3rd party vendors? 3
- 22. and what risks do they pose? 3
- 23. who is responsible for cyber security training? 4
- 24. HR, IT, CISO, etc? 4
- 25. Have officers and directors received cyber security / information assurance training? 5
- 26. these are high profile, high risk positions 5
- 27. how do we vet our administrators? 6
- 28. snowden was a contractor…just saying 6
- 29. who’s working for you? 6
- 30. who does the ciso report to and why? 7
- 31. Cyber security questions for boards7 1. How are key business processes affected by different types of cyber attacks? 2. Is our physical security congruent with our cyber security? 3. who are our third party vendors? 4. who is responsible for cyber security training? 5. have officers and directors received cyber security training? 6. How do we vet our administrators? 7. Who does the ciso report to? www.paulmcgillicuddy.com
- 32. Share please