A good refresher: Cybersecurity, the role of the board

The rapid pace of cyberattacks and extensive media coverage they receive can create confusion for corporate directors on their role with regards to cybersecurity. This article is a good refresher as to the role of the board. It proposes 5 key aspects of the board role: accept the responsibility, set expectations for management, understand your cyber-risks, assess current cyber-security practices and plan and rehearse. I would add to that, based on recent findings, discuss the adoption of a cybersecurity framework like NIST. To assist in the evaluation of current practices, I refer you to a list of questions on the state of cybersecurity I have published http://www.joseemorin.ca/en-tools/