Thomas Bennett, Executive Chairman, CEO Mentor, Incubator Venture Capitalist and a Board Member participates in Risk Roundup with Jayshree Pandya to discuss “Why Corporate Boards Must have Cyber-Security Expertise”. Introduction What is the role and function of a board? One of the key functions of company boards has historically been to balance risk against the ability to generate revenue and profit. Everything has risks and risks are inevitable. It is the ability to take risks that gives individuals and entities across nations: its government, industries, organizations, and academia (NGIOA), possibility of progress and advancement. Irrespective of industries, progress and advancement is all about risk taking. But when risk transcends initiatives, businesses, industries, borders, cultures, nations, societies and human existence, taking timely and relevant risk initiatives, is a necessary forward-looking move. Cyberspace has brought complex, chaotic, and challenging time for each entity, each business, each corporation: large and small, public or private in cyberspace, geospace and space (CGS). As cyberspace is deeply embedded across each component of a nation: that is its government, industries, organizations and academia, its crowded interconnections have caught everyone off guard. Cyber breaches are seemingly becoming a new norm and cyber-security is no longer an IT problem. The digital global age has made cyber-security everyone’s problems. When cyber-security has become everyone’s problem, the board needs to begin by understanding what exactly is a cyber-security risk. How does cyberspace and cyber-security risks change their traditional role and responsibilities? From information security, network security, data security to strategic security, understanding and expertise around security risks is now becoming an absolute survival necessity—even for boards. Boards are beginning to understand that cybercrime and cyber-security risks, be it tactical or strategic, is a risk management issue that affects not only today of the entire organization, but also the coming tomorrow. While, keeping up with the complex, rapidly evolving risks from cyberspace, geospace and space is a complex challenge, understanding what is at risk is even a bigger challenge. Let us take a moment to evaluate further- How Does The Board Define “Risk” In The Context Of Cyberspace And Cyber-Security? In the context of cyberspace, cyber-security risks are those risks that arise from the potential of losing the value of the current as well as strategic entities, events and relationships. It could range from current and strategic industries, businesses, technology, information and communication and so on. It is a measure of the extent to which an entity within any NGIOA is threatened by the potential changes of and due to the cyberspace and is typically a function of: * the adverse impact that would arise from the loss of confidentiality, security, stability, safety, necessity, value or availability of the current entities, events and relationships of any component of an NGIOA in CGS. * and the likelihood of the potential adverse impact to the current and strategic operations of respective NGIOA in CGS. How Does Board Currently Define “Security”? For much of human history the concept of security has largely revolved around use of force and territorial integrity. That definition is no longer accurate in cyberspace and digital global age. It’s no longer accurate because, to a large extent, nations no longer face, as they have so often in their past, a conventional threat of attack, on their geographical territory, by a hostile power. But they are more vulnerable to many other kinds of attacks in cyberspace and because of cyberspace in geosp...
No transcript available.
POWERED BY BLUBRRY
