Board members must be aware of the risks posed by cyberattacks to their business to ensure that they steer the company in the right direction. But it’s not always straightforward.
Cybersecurity has traditionally been a domain dominated by technologists in remote server rooms. After the repercussions of massive security breaches such as Equifax and Colonial Pipeline, however, it’s become clear that cyber risk is an obvious and current business risk that affects every aspect of an organization.
As a result, boards are demanding more from their security teams and CISOs. Board members need to understand how a properly trained security team can protect themselves against sophisticated threats, whether that’s through increasing spending on new solutions or ensuring that employees are educated. This message should be communicated to non-technical executives in the boardroom.
One way to do this is through leveraging real-time data and aligning security goals with business objectives. Through regular communication which highlight the changes in your security measures, a lowering risk index, as well as other important metrics, you can provide the board members the information they require to influence decisions. Create a narrative instead of just passing around numbers. You can demonstrate to your audience how their quick actions have thwarted a crucial threat by presenting a true live example.
https://greatboardroom.com/recommendations-on-being-a-better-nonprofit-board-member/