Cyber security is a boardroom issue.
Organisations need to embed cyber security decisions into normal risk management process, so it’s crucial that CEOs, CFOs and other executives take an active role in understanding the level of risk they’re exposed to and establishing a meaningful and effective strategy.
The financial future of a business and its customers can hinge upon the security of the organisation’s information – and the board is responsible.
Directors have a duty to keep themselves informed and may be held negligent if they do not take professional or expert advice. Whilst Directors are entitled to rely on their staff, that reliance cannot be unquestioning and they retain a duty of supervision and control.