Cybersecurity: The Board’s Role and Assessing the Evolving Risk

Boards have learned that cybersecurity is an important consideration, and many have worked with management to ensure that investments are being made in protecting their organizations from threats. However, cybersecurity is not a one-time activity that can create perpetual protection. Cybersecurity shifts and evolves constantly as new threats, changes in technology (e.g. digitalization, IoT, AI), and human error events create new vulnerabilities. While change is necessary for competitiveness, agility and improved outcomes, these vulnerabilities can contribute to an ever-attractive attack surface for persistent perpetrators if not managed.

Those acting in governance roles face a number of common questions. What is the board’s role in overseeing cyber risk? How does a board member stay current on evolving risks? What are some of the important questions to ask to help understand the exposure and risks?

This session will bring together a group of cyber executives who are accustomed to addressing daily threats, and have accountability to provide “plain speak” updates and keep executive leadership and boards of directors aware of the risks. This group will share the reality of the situation, and give careful reflections on how cybersecurity needs to be supported and understood by executives and the board.

In addition, this session will cover off a top 10 list of questions boards should ask about cyber risk, and provide an overview of emerging cyber-risk factors in relation to the impact of COVID-19 and the future of work.