<h3>NACD asks ISA to create best practices guide for corporate board of directors</h3>
The National Association of Corporate Directors (NACD) asked ISA to put together a guide of best practices for corporate directors. With input from the ISA Board of Directors, and in close collaboration with AIG, ISA was tasked with identifying best practices in corporate governance and sharing lessons learned from leaders in industry.
“Ninety percent of directors participating in our latest governance survey indicated they would like to improve their understanding of cybersecurity risk,” said Ken Daly, NACD president and CEO. “This handbook provides boards with practical tools to do just that, including self-assessment questions for directors, sample board report dashboards, and guidelines for conversations with management.”
As corporate fiduciaries, Board members as well as corporate officers are required to exercise both a “duty-of-care” and a “duty-of-loyalty” with responsibilities that extend into the oversight of cyber security risk. The ISA / NACD guide will offer special insight into how boards can most effectively direct their attention to address these responsibilities.
This unique publication is organized around five key principles and covers a wide spectrum of board-level considerations related to oversight of cybersecurity, including board composition, liability implications, disclosure issues, access to expertise, and risk appetite calibration.
Recent breaches in both the public and private sectors have put the issue of cybersecurity on every board’s agenda. This handbook is a natural extension of ISA’s mission to create private sector standards and practices that integrate both the technological and economic aspects of cybersecurity.
The document was released at the first-ever conference focused exclusively on cyber security for corporate boards, sponsored by NACD in Chicago. ISA President Larry Clinton moderated and presented at the conference, and two distinguished ISA Board members / contributors to the guide were also present: Marc Sachs of Verizon and Gil Vega of AIG.
Following its release, the Department of Homeland Security endorsed the ISA Cyber Risk Oversight Handbook, making it the first, and only, private sector document that has been included in the government’s program to promote adoption of the NIST Framework for cyber security created by the President’s Executive Order on Cyber Security. DHS endorsed the ISA/NACD/AIG handbook at a joint press conference at the National Press Club. DHS Assistant Secretary for Cybersecurity and Communications Dr. Andy Ozment, NACD President & CEO Ken Daly, and AIG Head of Cyber Products Mark Camillo spoke at the press conference along with ISA President Larry Clinton. <a href="https://www.us-cert.gov/ccubedvp/getting-started-business">The Handbook is now freely available to the public on the DHS website</a>.
To view the Best Practices Handbook, <a href="http://www.nacdonline.org/cyber">click here</a>.