The board of directors’ role in information security and privacy by Daimon Geopfert
The role of the board of directors has shifted as information technology (IT) systems consume critical processes and data and encounter more risk. Traditionally, the board manages financial risks and business strategy, but its role must expand as IT security and privacy concerns impact those areas of the organization. IT systems have become “the business,” and as well-publicized security and privacy breaches emphasize the new reality, boards are faced with several complex challenges.
- Removing or reducing the number of data breach targets
- Communicating to employees with the right tone and messaging
- Ensuring that processes and response plans are not only established, but also actively tested and practiced
- Establishing proper roles and staffing
- Communicating with peers and outsiders, as security and privacy is a community effort
Read more and download the white paper: