Why Boards Need to Take Cyber Security Seriously

Business people meeting at table in conference room

Do executive boards of companies take cyber security seriously enough?  According to the UK’s new CEO of the National Cyber Security Centre (NCSC), Lindy Cameron, the answer is no.

In a speech Cameron gave at Queen’s University, Belfast, she said, “The cybersecurity landscape we see now in the UK reflects huge progress and relative strength – but it is not a position we can be complacent about. Cyber security is still not taken as seriously as it should be, and simply is not embedded into the UK’s boardroom thinking.” She also said that cybersecurity should be viewed with the same importance to CEOs as finance and legal issues are.

Cameron also spoke about how things can go wrong when there is a cyber security plan in place and the board doesn’t take notice of it: “I’ve talked to organizations which have walked in on Monday mornings to find they can’t turn on their computers or phones, the backup plan was not printed out so they couldn’t find a phone number.”

Whatever way you want to look at it, executive directors and boards need to be involved with cyber security. In the same way that the CEO is looking to their CFO for financial guidance, is the same way they should look at the CISO role.  Not only that, but the board also needs to know what the response plan is in the event of a cyber incident. 

In addition to approving funding for cyber security technology and cyber awareness training, the board of directors need to be on board with the breach readiness plan.  A good breach readiness plan will help your organization know what your initial cyber security risk is and how to improve it, have an up-to-date list of critical assets, as well as an up-to-date contact list of who to call in the event of a cyber incident. 

Uzado’s Breach Readiness as a Service includes ongoing meetings to ensure your plan is up-to-date, tabletop exercises executed at least twice a year to practice your organization’s response to threats, an annual review, and 24x7x365 support to help you initiate a response to a breach. If you are ready to take your organization’s cyber security to the next level, contact Uzado today.