Key questions for evaluating the profession’s practices in the crisis Risk is the absence of information. There is risk in absolutely…
Boards can no longer relegate cybersecurity to the IT department—but how exactly do they get engaged with people on the frontlines? To get some clarity, Corporate Board Member talked with David X. Martin, author of The Nature of Risk and co-chair of The Directors and Chief Risk Officers Group.
To compete and win in today’s technology-driven world, companies need to get cybersecurity right. And boards must provide the oversight to ensure that they get there.
A security awareness program is a formal program with the goal of training users of the potential threats to an organization and how to avoid situations that might put the organization’s data at risk.
To protect sensitive data, security controls needs to guard weaknesses in the system and offer only required functionality to authorized users.
Cybersecurity is the practice of defending computers, servers, mobile devices, electronic and operational systems, networks and data from cyber attacks.
Disaster recovery refers to a process that includes performing risk assessment, establishing priorities, developing recovery strategies in case of a…
The first of three steps is to designate a senior partner who’s the responsible officer for firm-wide cybersecurity. In the day-to-day management of technology or in a crisis, it is far better to have a skillful leader rather than a subject matter expert. In choosing the right person, his or her leadership skills — communication and crisis management — are equally important.
If you switch from reacting to attacks to preventing them through a cyber wellness program, you’ll be prepared. Here are four steps you need to take if a database gets hacked.
It’s up to management to make sure IT’s got a seat at the table, Martin says in this interview on the Business Security Weekly podcast.