The Role of Boards in Cybersecurity

On this episode we discuss the four key roles Boards play in cybersecurity.

1. Setting the company's vision and risk strategy
2. Reviewing assessment results
3. Evaluating management cyber risk stance
4. Approving risk management plans

Big thanks to our sponsor:

Risk3Sixty - https://risk3sixty.com/whitepaper/

Transcripts - https://docs.google.com/document/d/1jarCcQYioT59jtIrppH4xZqyAy4Vn_tB/

Chapters

• 00:00 Introduction
• 01:36 What is a Board of Directors and what do they do?
• 09:33 FFIEC requirements for Boards
• 16:51 Establishing an Information Security Culture
• 19:08 Vision and Risk Appetite
• 22:00 Reviewing Cyber Assessments
• 25:09 Are we secure?
• 32:44 Castle Walls and Attacks
• 33:37 Getting your budget requests approved
• 37:10 Using use or loose money and reserved funding