Follow on Google News News By Tag Industry News News By Location Country(s) Industry News
Follow on Google News | Information Security Forum: Engagement with the Board Key in Addressing Information Risk ManagementLeading Information Security Organization Finds When Boards and CISOs Engage Successfully, Businesses are More Likely to Realize Strategic Benefits
By: Information Security Forum “When boards and CISOs engage successfully, organizations are better able to take advantage of the opportunities presented by cyberspace and today’s information technology while addressing the associated risk,” said Michael de Crespigny, CEO, ISF. “To manage the risk/reward balance, CISOs must drive engagement across their organizations, changing the conversation to convey the value of information security to the organization – in terms that resonate with top decision makers and align with business objectives.” Cyberspace is continually evolving: its potential and threats, vulnerabilities, complexity and interconnectivity are always changing. The threat is asymmetric, as activists, cyber criminals and nation states disproportionately increase traditional information risks. In many organizations, cyber opportunities and risks are a board-level issue, so the CISO needs to engage right up to the boardroom level, where information strategy and risk should sit comfortably with other types of strategy and risk that the board oversees. “CISOs need to lead and drive engagement with the board – and start by changing the conversation,” The ISF’s latest report, Engaging with the Board, shares lessons learned from CISOs who have mastered engagement across their organizations and with their boards. Its guidance is grouped into a framework that contains activities, tips and warnings that can help CISOs to engage with business leaders across their organizations. Input for the report was gathered from workshops and meetings with ISF Members around the world, interviews with subject matter experts including CISOs from a variety of countries, ISF Member case studies and thought leadership provided by the ISF Global Team. The path to board engagement is not straightforward. Research for this report uncovered a wide range of hazards, from CISOs lacking personal credibility to not adequately preparing the board for the message. Organizations, their boards and committees are complex – involving personalities, power, relationships and unwritten rules. Navigating this organizational jungle, with its many moving parts, requires ingenuity, careful preparation and ongoing effort. Engaging with the Board is available now for purchase from the ISF Store on ISF’s website www.securityforum.org as is a free Executive Summary. Information Security Forum (ISF) Founded in 1989, the Information Security Forum (ISF) is an independent, not-for-profit association of leading organizations from around the world. It is dedicated to investigating, clarifying and resolving key issues in cyber, information security and risk management and developing best practice methodologies, processes and solutions that meet the business needs of its Members. ISF Members benefit from harnessing and sharing in-depth knowledge and practical experience drawn from within their organizations and developed through an extensive research and work program. The ISF provides a confidential forum and framework, which ensures that Members adopt leading-edge information security strategies and solutions. And by working together, Members avoid the major expenditure required to reach the same goals on their own. Further information about ISF research and membership is available from www.securityforum.org End
Account Email Address Account Phone Number Disclaimer Report Abuse
|
|