Questions for #CxOChat: Communicating to Boards on Cyber Security
For today’s CrowdChat I’ve prepared several questions that I’m sharing with you ahead of the chat. As a reminder, we’re gathering in the Chat at 12 Noon EDT today (May 12, 2016). It’s an “Always On” chat so if you can’t make it today, feel free to chime in at your convenience. Here’s the URL for the CrowdChat:
I’ll be moderating and have prepared some questions ahead of time…feel free to add your own inside the Chat. You must log in with Twitter, LinkedIn or Facebook to comment. CrowdChat will automatically place the #CxOChat hashtag in your post and (if you check the box) send it to Twitter.
Please remember to respond to the questions inside the thread. Here are my initial questions:
Q1. Is this premise correct? Chances are we’ve already been penetrated. CIOs (CISOs) need to adjust management’s cybersecurity stance from “thwart penetration” to “rapidly respond to penetration & thwart damage.”
Q2. Do organizations understand the value of their data?
Q3. Is the inability to appropriately value data leading to underinvestment in digital security technologies?
Q4. Does the Failure = Fire mentality lead organizations to sandbag the threat?
Q5. Do organizations view security as a shared responsibility or the job of a few select security experts?
Q6. What Is the Right Regime for Cybersecurity – i.e. who is responsible and what are their responsibilities?
Q7. Do organizations “Practice” responding to security breaches? And do Boards provide the resources to test, test the comms plan, evaluate the impact and treat security threats like they do a business continuity exercise?
Q8. What should be on the “Checklist” for how CxOs need to be communicating with Boards of Directors about cyber security?
Thanks for participating and see you in the CrowdChat!