Taking Cyber Security to the Board: Promising Practices for Improving Board Engagement and Performance in Cyber Security

The Conference Board of Canada, 30 pages, December 13, 2016
Briefing by
3.0/5 based on 2 reviews
(You must be signed in and entitled to rate this report)
Cyber security is a systemic risk to any business, but many board members lack the literacy in cyber security that they need to oversee this risk. This report provides a three-stage developmental approach to improving board competence in this area.

Document Highlights

Many Canadian organizations are struggling to maintain their cyber security in an increasingly sophisticated and persistent technology risk environment. Cyber security is a systemic risk to any business and demands the attention of boards of directors.

However, many board members became successful business leaders before technology merited their sustained attention. Their lack of literacy on cyber security means they cannot provide oversight on this critical business risk. Directors can only make responsible decisions if they understand the strategic implications of their choices, so they need to understand how cyber risks fit into the broader risk picture.

This report provides a three-stage developmental approach to improving board competence in this area. It consists of assessing the board’s cyber security capacity, building members’ baseline capabilities, and encouraging them to exercise greater cyber security leadership.

Access document

(you will be asked to sign-in)

To see if you are entitled to get this research for free, take a minute and create a free e-Library account. This will let us determine if someone else at your organization has already purchased access to this material.