{"id":1932,"date":"2018-11-01T02:42:38","date_gmt":"2018-11-01T02:42:38","guid":{"rendered":"http:\/\/www.blackopspartners.com\/?p=1932"},"modified":"2018-11-01T02:42:38","modified_gmt":"2018-11-01T02:42:38","slug":"cyber-is-a-boardroom-issue-in-2018","status":"publish","type":"post","link":"https:\/\/blackopspartners.com\/cyber-is-a-boardroom-issue-in-2018\/","title":{"rendered":"Cyber Is a Boardroom Issue in 2018"},"content":{"rendered":"<p>Based on studies and interviews with corporate board members and chief information security officers (CISOs), the <em><a href=\"https:\/\/go.focal-point.com\/cyber-balance-sheet-report\" rel=\"nofollow noopener\" target=\"_blank\">Cyber Balance Sheet<\/a><\/em>, published by <a href=\"https:\/\/focal-point.com\/\" target=\"_self\" rel=\"noopener noreferrer nofollow\">Focal Point Data Risk<\/a> and produced by the <a href=\"https:\/\/www.cyentia.com\/\" target=\"_self\" rel=\"noopener noreferrer nofollow\">Cyentia Institute<\/a>, found that boardrooms are engaging in more conversations about security.<\/p>\n<p>While the talks about cyber risk are more commonplace, the C-suite and security leaders are still struggling to effectively translate security risks into an effective decision-making framework that enables the business to operate within its proper risk appetite.<\/p>\n<p>Not surprisingly, the report found that many organizations lack a formal cyber-risk appetite. Years of data breach headlines increase awareness, but less than half of respondents could describe their organization\u2019s cyber-risk appetite quantitatively. This gap revealed why leaders second-guess and struggle to effectively weigh risks of new technologies, supply chains and other change factors.<\/p>\n<p>In addition, metrics reportedly muddy what matters when it comes to boardroom reporting. Security leaders continue to share statistics like \u201ccompliance status\u201d and \u201csecurity program maturity.\u201d Despite the need for decision makers to act swiftly with regard to risks from third parties and supply chains, those topics are less frequently included in the stats shared with the board.<\/p>\n<p>As a result, the report found that finding the balance of topic coverage that yields the necessary return on reporting remains a problem. To fix the metrics puzzle, boards are pressing CISOs to find new reporting metrics that spur the most strategic, valuable returns in resourcing and evolving cybersecurity.<\/p>\n<p>\u201cThis year\u2019s Cyber Balance Sheet Report dispels the \u2018cyber is a boardroom issue\u2019 clich\u00e9 by showing that not only have board members already received the cyber risk message loud and clear, they are actively initiating more discussion about breaches and threats that could upend their organizations,\u201d said Andrew Cannata, Focal Point\u2019s CISO and national cybersecurity practice leader, in a <a href=\"https:\/\/www.businesswire.com\/news\/home\/20181030005134\/en\/Cyber-Balance-Sheet-Report-Reveals-Risk-Appetite\" target=\"_self\" rel=\"noopener noreferrer nofollow\">press release<\/a>.<\/p>\n<p>\u201cThe more important issue uncovered by the research is that this surge of interest \u2013 while commendable \u2013 seldom resolves executives\u2019 two most important questions: \u2018What is our risk appetite?\u2019 and \u2018Are we operating in or out of this comfort zone?\u2019 When these questions are buried or unanswered, it becomes a recipe for miscalculation and false assurances. Helpfully, security teams and business leaders can use the report\u2019s anecdotes and data to revisit how they frame risk management with leadership.\u201d<\/p>\n<p>&nbsp;<\/p>\n<p><em>Read more at <a href=\"https:\/\/www.infosecurity-magazine.com\/news\/cyber-is-a-boardroom-issue-in-2018\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">InfoSecurity Magazine<\/a>.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Based on studies and interviews with corporate board members and chief information security officers (CISOs), the Cyber Balance Sheet, published by Focal Point Data Risk and produced by the Cyentia Institute, found that boardrooms are engaging in more conversations about security. While the talks about cyber risk are more commonplace, the C-suite and security leaders [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[10],"tags":[25,22],"acf":[],"_links":{"self":[{"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/posts\/1932"}],"collection":[{"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/comments?post=1932"}],"version-history":[{"count":0,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/posts\/1932\/revisions"}],"wp:attachment":[{"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/media?parent=1932"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/categories?post=1932"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blackopspartners.com\/wp-json\/wp\/v2\/tags?post=1932"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}