Published in the Ethical Boardroom, Evan Sills and Reda Baig of Good Harbor Security Risk Management outline their take on “Leveraging Data at the Board Level”: Managing the myriad ways of data utilization is not only an IT or business requirement but is increasingly a board concern as well. To protect its data, a company needs to assign the right value through elaborate and time-critical processes. Directors play a key role in helping companies understand the data they possess in three ways:
1) Directors can help executives to view all the data through an enterprise lens. They should play an even larger role in providing a top-level view of different (cybersecurity-) risks and in prioritizing the protection of particular types of data. This is necessary because different business units might assign differing values to their data. For example, R&D documents might be less valuable to IT security than to their owners and the counsel’s office might not have a strong understanding of business development data.
2) Companies should protect all datasets by aligning them with their information security program. Working hand in hand with Business Information Security Officers, the board can offer a whole-of-company perspective that aligns new security technology with specific products.
3) Cybersecurity does not fail or succeed independently. Thus, directors need to receive information about the security program, how different technologies work combined, and how they address particular risks. This improves decisions about upgrades and new technology solutions.
In conclusion, the boardroom is the place where issues are raised that cut across many operational and corporate functions. Therefore, directors sit in a prime position to help calibrate data assets to security and future growth of the cooperation.
Read more here.
