Take a holistic approach
With remote and hybrid work being the new normal, continuous assessments and improvement of cybersecurity controls and practices across the organisation should be the focus of the board. For this, boards can mandate organisation-wide continuous training and education around cyber threats. It may also be useful to accompany this with a cyber awareness programme. An eye on internal control framework and cybersecurity monitoring procedures is the need of the hour as well.
Cybersecurity activity should not be seen as purely defensive. A company’s ability to adjust and strengthen its cyber resilience will position it for a more secure future. Cybersecurity can therefore act as a strategic enabler of growth by supporting the organisation to retain the trust of customers and employees, fully exploit digital tools, and do business with confidence.
The role of the board is assuming greater importance as cybersecurity risks and threats grow. Boards must now play a more constructive role in advising on post incident response plan and on managing it from a business continuity perspective.