Image for post
Image for post
Cyber skills are often absent in the boardroom. Photo by Drew Beamer on Unsplash

Few corporate boards feel adequately skilled for cyber security. It’s a complex and fast moving risk that has developed at a pace since many independent directors and NEDs were hands on executives. For executive directors, cyber is a challenging pain point that can be difficult to fully get your head around. It’s often an issue that leaves board members with a sense of discomfort.

Board members bring value through having ‘been there and done it’: no seminar can replicate that. Increasing the diversity of skills on a board is always a good idea, as long as new non-executive board members can learn to operate at a strategic level and stay ‘hands-off’ in a non-executive capacity. …


Understanding how the board can support an effective cyber program can be hard, not least as it can be well outside the expertise of board members. I recently teamed up with the Institute of Directors to provide this essential guidance for boards and non-executive directors.

Image for post
Image for post
Cyber can be challenge in the board room. Photo by Scott Walsh on Unsplash

In just a few years, cyber has transformed from the nerd in the corner into the Kim Kardashian of risk. Everyone, it seems, has an opinion on the issue. That’s because it’s serious — businesses can be built on, and destroyed by, cyber risk.

The World Economic Forum’s Global Risks Report 2019 ranks cyber attacks among the top seven risks facing the planet in terms of likelihood and impact, while high-profile CEOs including Warren Buffett of Berkshire Hathaway and Jamie Dimon of JPMorgan Chase see them as the number-one threat to business.

Despite this, a Willis Towers Watson poll of 1,300 large international organisations has found that only 11 per cent of boards have taken direct responsibility for their firms’ cyber security. …


Increasingly, governments are taking action to reduce the cyber risk from foreign technology firms. But is this justified — or based fear, uncertainty and doubt?

Image for post
Image for post
image from 123rf, licensed by Cyberclaria

Over recent months, a consistent theme in the media has been the threat posed by Chinese security and network solutions. …


To experts, the cyber security business case is often clear as day — it can even be hard to understand why rational business leaders may say no to investment. Yet they do. Here’s how to get a yes.

Image for post
Image for post
Winning board support for cyber security projects is a critical challenge for security leaders and Chief Information Security Officers. Photo by Daniela Mota on Unsplash

Yesterday I was asked by a CISO (let’s call him Robert¹) why his Risk Committee pitch was not being heard. …

About

Cyber Strategy & Leadership

Enabling business leaders to meet the challenge of cyber security

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store