16 Cyber Risk from an IT Leader’s Point of View
Michael Castro, CDir, ASC, MBA
CEO and Founder of RiskAware Inc.
“There are only two types of companies: those that have been hacked and those that will be.”
—Robert Mueller, FBI Director (2001–2013)
It is not easy being a chief information officer (CIO) these days, let alone a board member. For the CIO, having to shoulder the responsibility for cybersecurity can be challenging, with an operational outcome of effort and risk that combines with the threat outlay. Many senior executives now realize that cybersecurity and the risk for security do not lie solely with the Information Technology (IT) team. It is, in fact, an organizational problem.
Indeed, dealing with cybersecurity is not an operational task the chief executive officer (CEO) or the senior management team needs to deal with at the operational level. However, the members of the board require oversight, and for that, the board needs to understand all the risks, including cybersecurity risks. According to the National Association of Corporate Directors, 31 percent of board members surveyed are dissatisfied with the quality of cybersecurity information provided by management.[1] Leadership needs to be prepared.
In the News
News coverage of cybersecurity breaches is everywhere. Traditional news feeds, social media, and blogs all report on negative impacts on organizations regarding breaches. In 2018, consumers saw one of the most significant breaches in history. Starwood ...