One of the most important jobs of the board is to challenge management and test their assumptions about strategy, the competitive environment, and associated risks and opportunities. Many directors would say that they are most passionate about this part of their role, and in today’s business environment it has never been more critical. Cybersecurity is a common theme in such discussions, because it’s a significant enterprise-wide risk and strategy issue that affects all organizations.
Just by reading the news headlines, it’s clear that cyber risks can have an impact well beyond technology—they affect new business plans and product/service offerings, mergers and acquisitions, supply chain and purchasing decisions, and major capital investment decisions such as facility expansions and upgrades, R&D processes, HR policies and more. As a result, cybersecurity has moved out of the IT silo and sits front and center on boardroom agendas….SOURCE