Is this something your board members might say?
If it is, you’re not alone. Our recent Boardroom Cyber Watch Survey highlighted that despite cyber-threats potentially impacting on many mission-critical aspects of a business, only 30% of respondents felt that an understanding of current IT security threats is a prerequisite for board-level job candidates.
Perhaps the remaining 70% would benefit from reading PAS 555 Cyber security risk – Governance and management, a new specification, written to raise the profile of cyber security at top management level?
PAS 555 is very clear that effective cyber security isn’t just something your ‘IT boffins can take care of’, it’s about making the right security investment by assessing the risks and addressing people and processes, as well as technology. According to PAS 555 an effective strategy encompasses:
- Physical security
- Equipment security
Along with CESG’s 10 Steps to Cyber Security and CSI’s 20 Critical Controls for Cyber Security, PAS 555 forms the basis of the new Managing Cyber Security Risk course – which helps senior managers to create a cyber security risk management strategy, based on current best practice frameworks. As well as helping you to create a strategy that’s right for your organisation – this course will also help you to tackle the difficult bit – delivering the strategy!