Boards of Directors: Cyber Risk is the Cost of Doing Business

And this absolutely raises the stakes for Boards of Directors and the critical role they play in an organization’s cyber resilience strategy. With data being the lifeblood of any organization, enterprise preparedness and business continuity planning can’t be just an annual exercise. Not when attackers continue reaching into an increasingly sophisticated bag of tricks that includes everything from AI-based deep fakes to automated hacking techniques. Given the current threat landscape, we must all be in a state of continual assessment and this includes keeping cyber priorities at the top of the agenda for board updates, versus waiting for an end-of-year summary. As we know, despite all the investments made in cybersecuritry it is not a set and forget proposition. Breaches will happen and business leaders and security professionals need to find a way forward to get ahead of the threat. Today that necessitates employing new and different approaches to mitigate breaches and data compromise, and the board plays a vital role in driving this evolution.

1. Cybersecurity is a strategic business enabler
2. Economics drive cyber risk
3. Cyber risk management must align with business needs
4. The design of organizations must support cybersecurity
5. Cybersecurity expertise needs to be integrated into board governance
6. Systemic resilience and collaboration ought to be encouraged

Principles for Board Governance of Cyber of Cyber Risk (Webinar)

Board engagement on cyber risk management is central to the work of the World Economic Forum’s cyber risk and corporate governance initiative that Forcepoint has been supporting the last year. A key focus of this initiative’s mission is to help counsel directors on dealing with technology and cyber risk in collaboration with the National Association of Corporate Directors, the Internet Security Alliance, and the World Economic Forum’s corporate partners. Together, this consortium developed a recent report that established six principles to help boards guide their organizations to becoming more cyber resilient. These included;

After all, when more than 70% of breaches are financially motivated, the attacker’s burgeoning enterprise can become your biggest competitor. Modernizing security now to protect your organization’s digital crown jewels and business integrity can move your mission forward, whether that’s growing revenue or helping your communities recover from the pandemic, and ultimately become a competitive differentiator ahead.

Recently, I joined fellow collaborators within this initiative – Dan Dobrygowski, head of governance and trust at the World Economic Forum’s Center for Cybersecurity, and Maya Bundt, head of cyber and digital solutions at Swiss Reinsurance – for a fireside chat on some of the key findings from the report to help business leaders better understand the business impact of cyber risk and stay ahead of today’s threats. Our discussion dove into four of the aforementioned principles: how cybersecurity enables business, the economic drivers of cyber risk, aligning with business needs, and ways to incorporate cyber expertise into board governance. We believe adapting to cyber risk is the cost of doing business today. In response, boards must view cyber risk management as an enterprise-wide priority and core to their fidicuary duty.

Please join us for this discussion by registering for the July 21 webcast.