The number of cyber crimes are only increasing day by day. Millions are falling prey to phishing scams, ransomware & spyware, DDoS attacks. The online threat to companies, big or small and individuals too is large and growing. Around the world, National Crime Agencies, Police Forces, Company Security teams are all fighting this menace – but they need more help. They need people like you.
If you’re convinced that the threat is real, you will also appreciate that there’s much work to be done to up-level the Board Room governance on matters relating to cybersecurity, data protection and privacy. The work therefore is to figure out what should be the nature of the leadership and oversight that you, your fellow directors and c-suite leaders should be providing to manage and mitigate the risks.
And remember it’s not just about securing the information. You also have an obligation to protect the privacy of those who share their information with you.
The four questions that you will want to immediately put to management about data breaches and security incidents are:
- How are you preventing them? Human error is a major contributor to data breaches. You may hear about password management and prompt installation of patches. However the response you get should also include a reference to user awareness training.
- How are you detecting them? The response should include mention of antivirus software, and maybe even penetration testing.
- How are you responding to them? The response should include a reference to incident report or breach response plan. You may also hear of cybersecurity insurance in place to mitigate losses.
- How are you reporting on them? You want to know the metrics shared, to whom, and with what frequency. And what follow up measures are taken as a consequence of information shared.
Champion this cause and your customers and employees will love you!