The Importance of Board Members in Building a data-centric Cybersecurity Strategy

The responsibility for data security ultimately ends in the Boardroom regardless of the IT environment – operating HPE NonStop or other platforms – that creates and processes the organization’s valuable data.

Over the past 12 months, most board agendas have mainly been focused on dealing with business continuity during the pandemic. Yet, this shouldn’t be an excuse to forget any obligations to cybersecurity. In fact, according to Gartner, 40% of boards of directors will have a dedicated cybersecurity committee by 2025. It’s proof that board members are finally waking up to the real risks that cybersecurity threats can pose to companies of all sizes and that securing sensitive information is not solely an issue for IT teams.

Where should the board be directing its attention?

Unfortunately, less than half of data security and risk executives feel confident that their company is dedicating enough resources to secure against potential cyberattacks properly. Cybersecurity may sound like a topic that only IT or security experts can deal with. Yet, the reality is that board members are essential in making sure a company is sufficiently protected. Cyberattacks can result in reputational damage along with legal and operational issues, which may impact the entire company in the form of a regulatory fine or loss of brand reputation among customers as well as partners and suppliers.

The key is communication; board members need to be confident and ensure that sensitive data is protected. This is achieved by stressing the importance of, and embracing, a data-centric security strategy. This message and responsibility should also flow to all department levels across the business. Organizations need to be focusing on where and how they are securing data, especially with the rise of digital transformation and regulatory requirements like PCI DSS, HIPAA, GDPR and CCPA. Now, the momentum is picking up as boards of directors are forming special committees dedicated to combating cyber risks. These committees provide a space to discuss cybersecurity matters while including all levels/sectors within a company. This is an important step to move away from the IT-centric focus many companies still operate under.

Read the whole story and find out more about the importance of data-centric security and how to secure and analyze data in the cloud.