Knowing how to prepare for, protect and respond to a data security breach is one of the most critical enterprise risk tasks faced by organizations today. The board's oversight role is to ensure that management has an appropriate cyber defense strategy and measures in place. The impact of a successful data breach can extend beyond financial loss to brand and reputational damage, therefore, how an organization prepares for and manages a data breach incident plays a critical role in mitigating risk for all stakeholders.

The board must consider the following:

  • Does the organization have an inventory of the data that it holds?
  • Is the organization maintaining too much data thereby making it a bigger target for a cyber breach?
  • What is the potential regulatory and enforcement risk to the organization for a data breach?
  • Does the organization operate critical infrastructure which makes it a target for cyber attacks by nation-states or cyber criminals that may wish to damage or destroy this infrastructure?

Explore these and other key questions the board should be asking about Cyber Risk.

Connect with us

Stay up to date with what matters to you

Gain access to personalized content based on your interests by signing up today

Connect with us

Explore the Board Leadership Centre