Cyber risk management: Is your board prepared to lead? — Velma Deleveaux, PhD
--
With over 25 years of experience, including developing cybersecurity strategies, particularly for supply chain risk, I discovered that cybersecurity is far beyond the domain of “cyber geeks.” In today’s digital world, it’s front and center for everyone, especially executive leaders and board members, in every organization.
A probing article in the Harvard Business Review, 7 Pressing Cybersecurity Questions Boards Need to Ask, looks at escalating responsibilities for cyber risk. It underscores the urgent need to advance a vigorous cybersecurity plan — and the board’s emerging leadership role in risk oversight.
Here are three key takeaways from the article:
1. Cybersecurity is bigger than protecting data. As operations and processes are increasingly digitized, cybersecurity has an expansive definition. Directors need a complete picture of the universe of digital threats and a cyber risk framework to guide their journey through it.
2. Cybersecurity is an organization-wide challenge. Board leaders are called to create a cybersecurity culture, one where every member of their organization is asked to be a security champion — mindful of, and accountable for, protecting collective assets.
3. Cyber risk training for board members is an ongoing imperative. Given the ever-evolving digital landscape, board member training is more than a nice-to-have; it’s an urgent business imperative that we must address now. I’m proud of the ongoing work of the Women Business Collaborative (WBC), where I serve on the Women’s Cyber Governance Collaborative (WCGC) Steering Committee. WCGC is working to increase the number of qualified cyber-savvy women in the corporate boardroom. In partnership with Digital Directors Network, WBC will educate and promote a pipeline of women, trained in cyber governance and competent to lead on the boards of public and privately held companies.
In an era of escalating breaches, board members can no longer delegate cybersecurity oversight to cyber executives. We need to take the reins, regularly discuss cybersecurity, demonstrate commitment, and leave no stone unturned in safeguarding the organizations we serve.
****
Velma Deleveaux, Ph.D is an independent board director and strategic advisor to corporate executives, with distinct expertise in corporate growth strategy, enterprise risk, and supply chain risk management.
