Why risk management is critical in cybersecurity

January 12, 2017

If you’re a federal cyber official, the advice in a newly revised handbook on corporate cybersecurity might sound familiar. The new National Association of Corporate Directors’ cybersecurity handbook says cybersecurity is a risk management issue, not an IT matter.

The language echoes what top federal agency IT managers and cybersecurity officials have been saying about how to handle threats at their organizations.

The NACD guidebook, compiled with the help of the Internet Security Alliance, says that cyber threat expertise isn’t a prerequisite for corporate board members, but that corporate boards should have access to that knowledge and consider how cyber affects their companies overall operations, from management to products and supply chains….SOURCE