Today corporate data is at a higher risk of theft than ever before. C-level officers have the duty to protect the digital assets of their organizations. Moreover, laws and regulations impose specific privacy and cybersecurity obligations on companies. Cybersecurity requires active oversight by boards and senior executives.
Carnegie Mellon CyLab has released its third survey on how boards and senior executives are governing the privacy and security of their organizations’ digital assets.Using the Forbes Global 2000 list, the survey indicate a serious lack of attention at the top. Although organizationally, boards are forming Risk Committees within their organizations, they are not regularly engaging in key cybersecurity governance activities.
One of the most important findings of the survey is that boards still are not exercising appropriate governance over the privacy and security of their digital assets. Here are more interesting findings from the survey:
Contrary to what some CEOs may think, information security is a boardroom issue. How does your company protect the information it uses? Do you know?
As a CEO, you have the responsibility to understand what information your organization owns, which are the greatest risks and what is the CISO/CSO doing to protect it.
Here are some questions you should have an answer to: