A practical guide from one of the USA’s most renowned business lawyers reviews the board’s practical approach to working with cyber risk management: “The board’s oversight of cybersecurity has two critical components: risk management and crisis management. In the risk management category, boards should view cyber-risk not as a technology issue, but as a component of enterprise risk generally. Though cyber-risk has some unique features, boards need not be intimidated by the technical aspects of cybersecurity but instead should address cybersecurity issues in the context of their broad oversight responsibility. A key component of risk management in this area is ensuring that the company has high-level personnel fully engaged and tasked with cybersecurity who report to senior management and, if appropriate, to the board. Another issue that should be considered by management and boards is whether the company should purchase stand-alone cyber insurance to cover or mitigate the costs of a cyber-attack and its consequences. Whether or not a specific board committee is tasked with the responsibility for cyber risk oversight, it is important that the entire board remain informed and engaged on cyber-risk issues. A recent survey found that 58 percent of board members surveyed felt they should be actively involved in cybersecurity preparedness. Surveying the same directors, only 14 percent said they were actively involved in cybersecurity preparedness, although 65 percent said that the perception of the risk their companies faced had increased in the last year or two.
