Gartner predicts that by 2026, 70% of boards will include one member with cybersecurity expertise.
In the meantime, however, CISOs need to acknowledge that this is important to the board. This means not only showing how the cybersecurity program prevents bad things from happening. But perhaps more importantly, how cybersecurity improves the enterprise’s ability to take risks effectively. Even better, how to use cybersecurity as a competitive advantage.
Gartner recommends CISOs get ahead of the change to promote and support cybersecurity to the board and establish a closer relationship to improve trust and support.
Alex Tilley, head of threat intelligence for Asia Pacific and Japan (APJ) at Secureworks acknowledges that security is everyone's business. While acknowledging the massive investments in security technology, what is just as important is recognising the threats and understanding where the company stands.
He opined that in an organisation that has a security culture in place, people are not afraid to acknowledge that cybersecurity-related mistakes may have happened.
"Where we sit as an organisation in the world, all the way down to individual staff members and how they conduct their day-to-day business, things like phishing. These days it is around security culture, around being supportive and not punitive," he continued.
For the full article and PodChat, please click here.
