Boards and executives are aware of the norm that a data breach is bound to happen. However, they are concerned whether the organisation is prepared to effectively detect and respond to a cyber security incident.
CISO's, IT Managers and administrators need to provide a clear view of the threats facing the organisation, the security controls in place to mitigate these threats, with details of the actual threats that have occured and how they were mitigated.
Through your paid Security Colony account you have access to a range of resources that you can use to effectively communicate cyber security to your board.
- Cyber Security Reporting Dashboards - Slide pack that includes a series of ‘wireframe’ cyber security reporting dashboards that have been delivered to our clients across financial services and gaming industries.
- Cyber Security Strategy & Framework - Slide pack that provides a framework for developing a cyber security strategy that defines an organisation’s key cyber security objectives and initiatives, as well as linking them with its overarching business objectives. It has been developed from a combination of strategies we have developed for our clients across a range of industries, and should be customised based on the specific threats facing your business.
- NIST Cybersecurity Framework Evaluation Questionnaire and Scoring Tool - Spreadsheet providing a methodology for applying the NIST Cybersecurity Framework to evaluate both the current and target states for your organisation's cyber security program across the five core security Functions - Identify, Protect, Detect, Respond and Recover.
- Board Cyber Risk Speaking Notes (Financial Services) - This is a set of real world speaking notes used in delivering an update to the Board Audit Committee of a financial services company. Some elements have been slightly modified to de-sensitise. This is a sample document and can be used as an input to Board (or other senior management) report development and to help gain an understanding of how other organisations are positioning their current situation and initiatives.
Other SecurityColony Features That Can Help
If you have any further questions about how you could effectively communicate cyber security to your board, you can get in touch with us via the "Ask a Consultant" function.
Paid subscribers also have their own Private Forum dedicated to their organisation.
Questions from free users will be answered when we can fit them in (but it generally won't take long).