Cybersecurity is a board level issue with fiduciary implications and is growing in its importance to companies. Cybersecurity is today a top-level agenda item.
By having a Cybersecurity committee, a board of directors can enable management to present and report on the effectiveness of their policies and procedures for corporate-wide Cybersecurity.
A Cybersecurity committee ensures that business leaders write up their security practices and standards and their protocols for responding to a security breach or even a threat. And, that these practices, policies and procedures are followed.
Regular reporting means a board of directors can identify who is responsible by title, their full remit, and in what time frame they are to respond to Cybersecurity issues.
In the event of a cyber-breach, the board should receive updates from the security committee on the actions taken.
As part of a company’s approach to governance and compliance, it is critical that a chain of command and personal, named, responsibility is in place to ensure that a company is protected.