Cyber risk for the Board is as important as financial risk and health and safety. The responsibility for data security can no longer be solely managed by the IT department. Leaders must actively review and approve data security policies.
Leaders don’t need to be technical experts, but they need to know enough about the threats and risks and be able to have a conversation with their experts about these, and understand the right questions to ask.
Protecting information assets is of critical importance to the sustainability and competitiveness of businesses. All organisations, regardless of size or sector, need to be on the front-foot in terms of their cyber preparedness. Cyber resilience is all too often thought of as an IT issue, rather than the strategic risk management issue it is.