PRO+ Premium Content/Information Security

Thank you for joining!
Access your Pro+ Content below.
September 2003

Cybersecurity and boards of directors: Understanding corporate risk

Picture yourself, as CISO, standing before two doors marked "Damned If You Do" and "Damned If You Don't," a pitchfork at your back prodding you to choose. CXOs and their boards of directors face the same kinds of choices -- balancing the cost of infosecurity against the risks. As CISO, you not only have to choose the right door, you need to make sure that the message gets through to your company's board of directors. Knowing how they think is essential to ensure that infosecurity maintains a high profile. Today's directors live in a harsher world than their predecessors. They're swimming in the backwash of Enron, WorldCom, Global Crossing, etc. Regulatory compliance is very much on their minds. Directors don't want to be "SarbOxed" -- failing to meet Sarbanes-Oxley Act obligations for fiduciary clarity and truthfulness on the part of officers and directors. Nevertheless, you may face an uphill battle selling infosecurity to the board. Audit and infosecurity are both essential to corporate compliance with laws and regulations and...

Access this PRO+ Content for Free!

Features in this issue

Columns in this issue