Cybersecurity Should Be on the Agenda of Every Board of Directors
Cybersecurity is one of the most significant business challenges that organizations face today. The Center for Strategic and International Studies reports that global business losses from cybercrime reached nearly $1 trillion in 2020, almost double the previous year’s losses. Cybersecurity is a risk management issue that requires board-level oversight.
Nevertheless, many companies continue to treat security as a technology problem, despite the fact that a security breach can have a devastating impact on the business as a whole. A new Enterprise Strategy Group (ESG) research report finds that only 51 percent of Chief Information Security Officers (CISOs) have adequate participation in executive and board-level decisions. In 27 percent of organizations, the relationship between security pros and the board of directors is fair or poor.
The reasons for this disconnect are complex. Many business leaders have misconceptions about cybersecurity and significant gaps in their understanding of how to address threats. Some still view security as a cost to be minimized rather than an investment that directly impacts the bottom line.
However, the board has a fiduciary duty to protect the company’s assets and reputation. Directors should seek the advice of experts who can advise them on security strategies. They should also acknowledge the strategic importance of cybersecurity through adequate funding and support.
Aligning Security with the Business
The cybersecurity professionals surveyed by ESG had a number of suggestions for improving the relationship between business leaders and the cybersecurity team. Almost half (41 percent) said the board should encourage the participation of security pros in business strategy and planning sessions. Cybersecurity pros are also looking for guidance — 38 percent said the board should help the security team understand the business impact of cyber threats, while 31 percent said the board should help prioritize cybersecurity initiatives that protect business-critical assets.
IT and cybersecurity leaders should also take steps to bring the board and executive management up to speed. Conversations about security should be free of technical jargon and focused on specific business risks. Cybersecurity pros should present information on the types of cyberattacks that are of greatest concern and the probability of exposure based upon the security controls that the organization has in place.
Because the board is responsible for evaluating and monitoring spending, it’s important to provide data that shows the value of cybersecurity investments. For example, cybersecurity pros should describe how security tools help them identify, contain and eradicate threats, and compare the cost of these preventive measures to the cost of a security breach.
How GDS Can Help
The security professionals at GDS have a rare combination of deep technical expertise and business acumen, and a proven track record of success helping organizations in a wide range of industries develop cybersecurity strategies. Our independent, third-party perspective facilitates the conversation between IT and executive leadership and enables more-informed decision-making regarding security investments.
The security professionals at GDS have a rare combination of deep technical expertise and business acumen.
We also help relieve the burden on your in-house IT team with security solutions that are monitored and managed around the clock. By letting us secure your IT infrastructure, end-user devices, email and web traffic, you allow your team to focus on strategic initiatives.
A security breach can have serious repercussions, including lost sales, litigation, regulatory compliance fines and negative publicity. As a result, cybersecurity should be a priority at the board level. GDS can help provide the guidance and directors and executives need to ensure that key business assets are protected.
Benefits of Managed IT Services from Global Data Systems
- Strategic Managed IT: We help you solve your technology related business problems.
- Connectivity: We get you reliable, secure connectivity anywhere in the western hemisphere in 48 hours.
- Support: When you need help simply call our 24x7x365 support number.
- Billing: Instead of managing hundreds of vendors - get one, easy to read bill from GDS.