In this episode, we discuss the four key roles Boards play in cybersecurity:
- Setting the company's vision and risk strategy
- Reviewing assessment results
- Evaluating management's cyber risk stance
- Approving risk management plans
Big thanks to our sponsor:
Risk3Sixty - https://risk3sixty.com/whitepaper/
Transcripts - https://docs.google.com/document/d/1jarCcQYioT59jtIrppH4xZqyAy4Vn_tB/
- 00:00 Introduction
- 01:36 What is a Board of Directors and what do they do?
- 09:33 FFIEC requirements for Boards
- 16:51 Establishing an Information Security Culture
- 19:08 Vision and Risk Appetite
- 22:00 Reviewing Cyber Assessments
- 25:09 Are we secure?
- 32:44 Castle Walls and Attacks
- 33:37 Getting your budget requests approved
- 37:10 Using use-or-lose money and reserved funding