Tag Archive for: Board of Directors

4 tips for aligning security with business objectives

TechTarget | February 11, 2021

Today’s most effective CISOs develop cybersecurity strategies that fit their organizations’ risk appetites and support business growth. Learn how they do it….

Of course, to successfully align cybersecurity initiatives with business goals, CISOs need buy-in from and access to their CEOs and boards of directors, added Ray Rothrock, executive chairman of the board at cyber-risk modeling company RedSeal. Such support is far from a given. A 2018 survey by PwC found just 40% of CISOs reported directly to CEOs and only 27% to their boards of directors.

Forget Cybersecurity

Corporate Board Member | December 6, 2019

Cyber risk is a board-level issue because a breach can crush a company’s stock price, tarnish its reputation and scare off customers and partners. A study by the Ponemon Institute revealed that a company’s stock price drops an average of 5 percent immediately after a breach is exposed. The study further found that companies lose an average of $3.92 million in revenue and a significant portion of their customers after a breach.

It’s no longer a question of whether a company will experience an attack, but when. Security is about hunkering down, while resilience means being able to operate after a breach. Here’s what directors need to know.

Revealed: The cyber Achilles heel for large companies

Corporate Risk and Compliance | August 28, 2018

While a new survey from analytics firm FICO has found that the number of US companies with full-coverage cybersecurity insurance has skyrocketed from last year, 24% still reported that they did not have any cyber insurance. For those that remain uninsured, and the insurance companies with an eye on targeting these firms, a cybersecurity analytics platform has come up with a more effective way to price policies.

“From a cybersecurity perspective, when you’re an insurance company and you’re writing a policy for somebody, how do you charge them for it? We measure the risk and give them the metrics to charge for that policy,” said Steve Timmerman, VP of marketing and business development at RedSeal, which offers enterprise software that builds a model of a company’s network, identifies vulnerabilities, and provides a digital resiliency score that allows insurers to write a cyber premium based on that score.

The Board’s Role in Managing Cybersecurity Risks

MIT Sloan Management Review | November 16, 2017

Ray Rothrock (RedSeal), James Kaplan (McKinsey & Co.), and Friso van der Oord (National Association of Corporate Directors) write that cybersecurity can no longer be the concern of just the IT department. Within organizations, it needs to be everyone’s business — including the board’s.