SBN

Leveraging board governance for cybersecurity

Michael Figueroa, President and Executive Director of the Advanced Cyber Security Center (ACSC), discusses the importance of leveraging board governance in cybersecurity initiatives.

Cybersecurity Live - Boston

– Join the fight against cybercrime: https://infosecinstitute.com

–Special offer for Cyber Work listeners: https://www.infosecinstitute.com/podcast

In the podcast, Figueroa and host Chris Sienko discuss:

– Why are so many organizations still unaware of the need for strong unified security planning? (1:44)

– Is this a situation where C-suite members shoulder the burden of security on themselves, or even assume that it’s just IT’s problem and leave it at that? (3:38)

– Tell us about the survey mentioned in the briefing between ACSC member CISOs and CIOs representing organizations from a range of sectors. What were some of the perspectives discussed in this meeting? (5:00)

– Were there any compelling scenarios or real-world examples at the meeting that made for compelling stories? (7:32)

– What should be the first step for an organization that has critically neglected it digital cybersecurity strategy? (9:48)

– What are some steps one can make to make your board more cyber-seasoned, both with planning and day-to-day operations? (13:35)

– What is the role of non-human identities? Do things like service accounts that connect to modular coding components, microservices, software containers and APIs feed into this issue? (14:46)

– In your report, you noted that there is a need “for a risk standard… that would help guide decision making.” What are the first steps that nee to be taken to craft such a standard? Has there been any work on this since the release of the report? (17:37)

(Read more...)

*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Hunter Reed. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/fzhe4c49Fs4/