Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!

Cybersecurity Issues Now at the CEO and Board Level

By Kevin Coleman
Security blog default
May 5, 2016

The risks associated with cyberattacks have now become the topic of discussion at the senior most levels within organizations for many reasons. In January, The World Economic Forum (WEF) listed cybersecurity as one of the greatest threats to businesses globally. In their report they rank cybersecurity in the top 10 threats of 140 economies. They went on to place cybersecurity above the food crises, interstate conflict, terrorism and infection diseases.

This is why cyber risks are now a common topic at the senior most levels C-level executives and the Board of Directors) within an organization. Many CEOs have begun to ask their management team members tough questions about their cyber preparedness. A KPMG report disclosed that half of CEOs asked admit they are not fully prepared for a future cyber event. With the pace of change in the cyber threat environment, one has to wonder if anyone can be “fully prepared” for a cyber event. That has given rise to cybersecurity training (non-technical) programs specifically designed for CEOs, CFOs and COOs.


Cybersecurity has become such a huge risk, and concerns do not stop at the CEO. According to a recent survey conducted by ISACA and RSA, 82 percent of boards are concerned or very concerned about cybersecurity. It has also caught the attention of law makers. Late last year a bill was introduced in the U.S. Senate that is getting attention and not just in the United States. It is called the Cybersecurity Disclosure Act of 2015. The bill wants all publically traded companies to disclosure whether or not any member of the board of the publicly traded company has expertise or experience in cybersecurity. This information would be required in Security and Exchange Commission (SEC) disclosures. It goes on to state that if the board does not have a member with cybersecurity expertise or experience, the company must describe what has led them to determine that cybersecurity expertise or experience is not required at the board level.


In the introduction of the bill, it states that during a 2013 National Association of Corporate Directors roundtable openly admitted that “the lack of adequate knowledge of information technology risk has made it challenging for them to effectively oversee management's cybersecurity activities.” The bill clearly indicates that those behind the legislation believe that investors as well as customers deserve a clear understanding whether or not publicly traded companies are properly prioritizing cybersecurity risks, and whether or not they have the knowledge to protect investors and customers from cyber related attacks. It is difficult to imagine any publically traded company would not require cybersecurity expertise on the board given how dependent organizations are on connectivity and the push to go digital. One can only imagine the investors’ reaction if a company did not have the cybersecurity expertise on the board.


Clearly, cybersecurity is rapidly moving from being viewed as a tactical issue to a strategic business issue of critical importance for every organization. This won’t happen overnight, but all signs seem to indicate the inevitability of these changes. With all of these concerns and all of the attention cyber risks are being given, it is becoming more likely that we will see many more CSOs and CISO reporting into the CEO and outside cybersecurity business experts being given board seats. This will have significant implications for CSOs and CISOs. Clearly additional oversight by the board of directors is coming, even if this bill does not pass. CSOs and CISOs would be well advised to brush up on their non-technical communication and presentation skills. They should also begin providing board level cybersecurity information to all C-suite executives so that they are well briefed on the current state of cybersecurity risks and defensive actions put in place to minimize risks. Perhaps it is time the CSOs and CISOs devise an executive level scorecard that presents risks and counter measures over time and includes industry comparisons specifically for this purpose.

 

KEYWORDS: cyber risk mitigation cyber security security risk management

Share This Story

Kevin Coleman is a dynamic speaker, author, advisor, and visionary that provides riveting insight on strategy, innovation, and the high velocity technology. He was Chief Strategist at Internet icon Netscape and at another startup that grew to be BusinessWeek’s 44th fastest growing company. He has spoken at some of the world’s most prestigious organizations, including the United Nations, the U.S. Congress, at U.S. Strategic Command, and before multiple Fortune 500 organizations and briefed executives in 42 countries around the world.

Blog Topics

Security Blog

On the Track of OSAC

Blog Roll

Security Industry Association

Security Magazine's Daily News

SIA FREE Email News

SDM Blog

Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

Laptop with coding on ground

Stepping Into the Light: Why CISOs Are Replacing Black-Box Security With Open-Source XDR

Gift cards and credit cards

Why Are Cyberattacks Targeting Retail? Experts Share Their Thoughts

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing