The role of the Board during a cyber security attack

As technology continues to become an increasingly integral part of the workplace, it has never been more important to understand cyber security and ensure the safety of your business. Gone are the days where the headache of cyber security could be passed onto the IT department, as it is now a critical business issue.

The Board of every business has an important role to play in ensuring the online safety of the business and its employees and it is their responsibility to identify and prioritise cyber risk at a macro level.

A successful cyber attack can have a variety of significant impacts on a business including financial loss, damage to equipment and reputational issues. You may have only heard about cyber attacks targeting large scale organisations, however, all businesses are at risk of an online attack.

The risk of cyber attacks should not be ignored and being able to mitigate these threats requires Board members to not only think of cyber security as a business risk, but to act on this too. It is recommended that Boards request briefings, at least bi-annually, on cyber trends and risks within their industry and how these may impact their organisation.

The Board of any business should ask themselves the following questions:

  1. Do we know what our critical information assets are and where are they located?
  2. Do we know who has access to these critical assets, who is responsible for protecting them and how well they are protected?
  3. Do we know what our compliance obligations are and the implications if we are in breach of our obligations?
  4. Do we know how to respond to a cyber security incident?

Cyber security is a vital issue for any business in today’s digitalised world. Our internal audit team can ensure your organisation has the correct processes and controls in place to help avoid the risk of a cyber attack.

If you have any questions in regards to the cyber safety of your business or would like to discuss putting some processes in place, please give us a call on 03 5443 0344.

Source: https://www.telstra.com.au/content/dam/tcom/business-enterprise/security-services/pdf/5-knows-of-cyber-security.pdf