As digital transformation becomes a business necessity cyber risks are mounting. Boards at leading organizations are responding by increasingly integrating cybersecurity as a strategic element in their business plans. A natural outcome of this broader understanding of cyber risk has been an evolution in corporate structure sometimes generated by governmental regulatory oversights and sometimes by innovative business thinking. While the specific structures continue to evolve in ways unique to individual enter-prise business plans there are some themes that seem to be common. These themes include a flatter, less siloed approach engaging a multi-stakeholder grouping into the discussions on cyber risk, elevating the reporting structure for these responsible for managing cyber risk. Initial research suggests that such structures can both enhance the cyber risk management function and improve business efficiency.
Combining Technology, Public Policy and Economics to Create a Sustainable System of Cybersecurity
Larry Clinton is President of the Internet Security Alliance. He advises industry and government on cyber policy. He has briefed NATO, the OAS and G-20 and the US Congress. He has twice been named to the Corporate 100 list of the most influential individuals in corporate governance. He has written cybersecurity best practices books used in the US, Europe, Latin America and Asia.