Why Cyber Risk Gets Lost in the Boardroom
informationsecuritybuzz.com
Cyber risk is now a standing item in most boardrooms. You’ll find it in annual reports, audit committees, and regulatory filings. And still, cyber risk is not being addressed.
Not because boards don’t care, or because CISOs are not reporting. But because something fundamental is still not working between security and governance.
We posed these three questions to six leading minds in the field of cyber security and risk:
- What is the biggest misunderstanding that the board still has about cyber risk?
- What metrics are actually used to drive decision-making at the board level?
- And finally, should the responsibility for cyber risk rest with the CISO alone?
What we got back was convergence. But within that convergence were sharp distinctions about governance, AI, trust, financial modeling, and accountability.
The Biggest Misunderstanding: Cyber Is Still Treated as an IT Problem
Despite years of awareness campaigns and headline breaches, the ...
Copyright of this story solely belongs to informationsecuritybuzz.com.

