First study of corporate board members’ cyber risk concerns shows progress – and persistent gaps to overcome
Focal Point Data Risk, LLC (Focal Point), one of the largest pure-play data risk consulting firms in North America, today announced the release of the inaugural Cyber Balance Sheet Report. This first-of-its-kind research study uses in-depth surveys and interviews with corporate board members and chief information security officers (CISOs) to conclusively identify specific cyber risk issues resonating in boardrooms. Equally important, the unprecedented research reveals how CISOs and boards can quickly improve communication and collaboration in this critical area.
The Cyber Balance Sheet Report was independently produced, after several months of intensive research, by the Cyentia Institute (Cyentia), a cybersecurity research firm, co-founded by Dr. Wade Baker, who is widely recognized as the creator of the Verizon Data Breach Investigations Report (DBIR). In the study, Focal Point and Cyentia conducted comprehensive interviews with more than 80 board members, CISOs and subject matter experts. The report’s findings offer a rare window into the cyber risk dialogue in the boardroom, contrasting with many years of assumptions and security vendor characterizations.
“For years pundits have been saying ‘Cyber needs to be a boardroom issue,’ but the Cyber Balance Sheet Report replaces this sound bite with the most illuminating look yet at where cyber issues are making headway with boards or falling off the table,” said Yong-Gon Chon, CEO of Focal Point. “The report reveals important indicators around cyber awareness at the top levels of governance. We have evolved from cybersecurity being a component of IT performance to becoming an issue that prompts broader questions about protecting valuable company data. Yet, as the report discloses, it’s the nature of these questions and how CISOs respond that determines how far oversight and accountability still have to evolve.”
Key insights include:
“Pending legislation, shareholder pressure and media attention are all pushing board members to take responsibility for their organizations’ cybersecurity. As this happens, it’s important to understand the questions that board members are asking and measure whether CISOs are providing the answers,” said Baker, the lead researcher on the report. “This is where the Cyber Balance Sheet Report comes in. We interviewed scores of board members, CISOs and industry experts, and the report we developed offers the first-ever look at how boards are thinking about these critical issues.”
The complete Cyber Balance Sheet Report is available for download here.
Follow Focal Point Data Risk
About Focal Point Data Risk
Focal Point Data Risk, LLC is a new type of risk management firm delivering a unified approach to addressing data risk through a unique combination of service offerings. Focal Point brings together industry-leading expertise in cybersecurity, identity governance and access management, data privacy, analytics, internal audit and hands-on training services – giving clients everything they need to plan and develop effective risk and security programs. By integrating these services, we provide the resources necessary for protecting and using data across entire organizations. Simply put, Focal Point is the next generation of risk management. Visit https://focal-point.com for more information.
Sign up for our free weekly e-newsletter for more GRC articles, job postings, GRC events, white papers & more…..click here