Cybersecurity has gone mainstream because it is materially impacting our security, our investments and our privacy. This is underscored by the SEC’s new cybersecurity disclosure rules and represents a clear opportunity to improve the status quo. The mission of Board Cybersecurity is to provide board directors, executive management and investors the resources to properly assess, manage and mitigate cybersecurity risk. The following initiatives will be the initial focus of Board Cybersecurity.
Board training
Board Directors are responsible for the overall strategy and management of a corporation but are not generally involved in day-to-day management. This allows Boards to look beyond short-term operations and risks to identify areas requiring additional investment. As such, Boards are not only in the best position to flag cybersecurity risk but have a fiduciary responsibility to do exactly that. Unfortunately cybersecurity risk has experienced a sharp rise in materiality and many Board Directors believe it to be too technical of a topic to understand.
But cybersecurity risk is simply another form of risk. Not all Board Directors are experts in finance or legal yet they are still able to sit on subcommittees that manage those risks. Through our training, resources and insights from experts, we hope to help all Board Directors understand, and thus more confidently and effectively manage, cybersecurity risk.
Research
The new SEC cybersecurity disclosure rules will generate an unprecedented insight in the both material cybersecurity incidents but also how corporations manage cybersecurity risk. This represents a tremendous opportunity to qualitatively and quantitatively analyze this data to better understand cybersecurity risk, its impact on organizations and effective risk management techniques. The rule requiring disclosure of cybersecurity incidents with 4 days of determining the incident is material will also significantly drive awareness of cybersecurity to Board Directors, investors, shareholders and the general public. Our research page provides more insights into our areas of research and also where all research will be distributed.
Professional Growth
Cybersecurity is a rapidly changing space and there is a significant shortage of experts. And experts would probably all agree that there is an urgent need for collaboration among everyone involved in cybersecurity risk management. Members of our steering committee are not only committed to collaboration and information sharing but will also benefit from an increased network of cybersecurity professional and knowledge gained focusing on our mission.
Page last updated on December 6, 2023