"Move Fast and Break Things" is not a good Risk Management Strategy! Learn More about Cyberrisk on Boards: https://www.korte.co/hymb
#governance #cybersecurity #boardofdirectors

Some good news from the world of corporate boards and cybersecurity. At least for Fortune 100, CISOs and Boards are engaging more. Cybersecurity Dive has a good summary of the EY survey.
https://www.cybersecuritydive.com/news/corporate-boards-cybersecurity-oversight/691995/
#governance #boardofdirectors #cybersecurity

Cybersecurity incidents and privacy violations have led to fines and lawsuits. My latest article at the NACD looks at the latest issues and possible strategies for boards. Don't Delay - Cyber Risks won't!
#cybersecurity #governance #boardofdirectors
https://www.nacdonline.org/all-governance/governance-resources/directorship-magazine/online-exclusives/how-boards-can-step-up-their-cybersecurity-oversight/

Ambani children
Take on board roles to solve
Father's legacy

#ambanifamily #india #relianceindustries #boardofdirectors #haiku #poetry

https://www.reuters.com/world/india/indias-reliance-appoints-isha-akash-anant-ambani-board-2023-08-28/

AI is changing the future!
You need to match the Opportunities and Challenges!
https://www.korte.co/j5e5
#AI #digitaltransformation #governance #Boardofdirectors

Ransomware attacks and cyber incidents are part of modern IT. Having a well-thought-out communication strategy from the IT department to the board is essential for maintaining the trust of customers and the general public. It is also critical, given the latest SEC proposals.
For more points to consider when preparing for a ransomware attack, join 19 experts and me at the Forbes Technology Council
#cybersecurity #governance #boardofdirectors
https://www.forbes.com/sites/forbestechcouncil/2023/08/10/ransomware-attacks-20-essential-considerations-for-prep-and-response/

The new Security Exchange Commission's new cybersecurity rules try to balance oversight with general board skills. Whether it is enough to show that boards have an idea about the cybersecurity process without having expert knowledge on their boards remains to be seen. The Wall Street Journal recently ran an article with the pros and cons of the new approach.

#cybersecurity #governance #boardofdirectors

https://www.wsj.com/articles/cyber-experience-on-boards-still-seen-as-critical-in-new-sec-rules-937702bd

Tie-Day! As someone, who has seen the corporate world as a Consultant, C-Suit, and Board Member, I enjoyed giving my input in CXO Magazine about why CIOs and CISOs should be part of the top management. The Tie for the second hand from my grandfather, who likewise knew the challenges of being in the C-Suite and on Boards.
#governance #boardofdirectors #KevinsTie

As a tech leader, adapting your language in a business meeting is sometimes challenging. I have found three practical ways to discuss tech in meetings, including on boards.
#leadership #cybersecurity #boardofdirectors
https://www.korte.co/2023/08/03/being-understood-simple-ways-tech-leaders-can-adapt-their-language/

The new SEC cybersecurity rules have shifted the question of experts in the boardroom. However, there are enough public companies where the CIO and CISO are neither part of the top-level management nor report anything directly to the board. Why this should change and how CIOs and CISOs can start the process was part of an article I wrote for CXO Magazine® half a month ago. Now, it's more relevant than ever!
#cybersecurity #boardofdirectors #governance
https://www.cxomagazine.com/top-table-why-companies-need-to-elevate-the-role-of-their-cio-and-ciso/

It seems the SEC finally voted on cybersecurity incidents and risk management reporting. Let's look forward to how companies implement it and the changes it will bring to board practices around technology.
https://abcnews.go.com/Business/wireStory/new-sec-rule-requires-public-companies-disclose-cybersecurity-101674215
#cybersecurity #governance #boardofdirectors

Good morning Mastodonians! Busy morning here; I'm in the boardroom getting ready to take minutes on a Board of Directors meeting. Listening to a couple of people debate the latest issue on the table before the meeting begins. Yeah, it's gonna be a day.

How are all my friends & followers today?

#GoodMorning #WednesdayMood #BoardOfDirectors

If you're responsible for an organisation that allows decentralized management of IT assets. Please make sure that the support organization can still take responsibility for communicating and coordinating reported issues.

I just got my elaborate issue report on a failing public facing service, including the solution delivered on a platter, closed in the spirit of 'managed by another dept. not our problem'.

#business #IT #management #alignment #organization #policy #executives #BoardOfDirectors

The @FinancialTimes has an outstanding article on why boards need an understanding of cybersecurity risks. "Attackers only have to get it right once" perfectly sums up the risk of not developing strategies and not having any cybersecurity risk oversight.
#cybersecurity #governance #boardofdirectors
https://www.ft.com/content/a61fbda1-f956-498f-b88c-f0aaa55de4f0

38/39 Most of today's CEOs would hate it. In theory, stockholders should embrace this theory, and the board, representing the shareholders, would implement it. But our markets are illogical, and today's boards don't do a very good job of representing stockholder interests. Boards are essentially captive to the interests of the CEO, for many reasons.

#BoardOfDirectors #RegulatoryCapture

CISA guidance regulating Software Supply Chain management, tightened disclosure rules by the SEC, and new cybersecurity requirements for the Board of Directors - if companies and leaders don't change how they handle cybersecurity and data protection, we will see more regulation and less innovation.
My latest Forbes Article dives into the latest changes and what to expect if we don't shape up.
#cybersecurity #governance #boardofdirectors
https://www.forbes.com/sites/forbestechcouncil/2023/03/31/how-to-win-in-the-ongoing-quest-for-better-it-compliance

3 members of #NationalAudubonSociety #BoardOfDirectors #resigned Wednesday in response to the conservation group’s announcement that it will retain name tied to #enslaver & #bird #artist , #JohnJamesAudubon .

The national #conservation organization is facing an #internal #backlash after opting to keep the name after a yearlong deliberation. The #decision #outraged employees, prompted an uncomfortable all-staff meeting & drove three board members to #ResignInProtest .

https://www.eenews.net/articles/revolt-at-audubon-as-3-board-members-resign/

#ProTip

In my experience, when two people wind up in full blown, knock down drag out, #litigation, one, or both of those #people suffer from some form of #MentaltIllness.

Two #WellAdjusted adults having a dispute can almost always solve their #problems by means of #compromise.

There is, however, a #caveat. When well adjusted adults represent a limited liability #entity, (like a #corporation) all #bets are off. The reason is that limiting liability, coupled with #insurance policies, #default makes otherwise #normal #people act like #sociopaths

Especially when said limited liability entity diffuses #moral and #ethical #responsibility by means of a #BoardOfDirectors

I used to do a lot with ISC² and the #CISSP. I've also done a bit with #OWASP in the past. Every org like this gets long-in-the-tooth and needs to evolve. The kinds of things that were relevant 5 or 10 years ago can be made irrelevant in a blink of an eye—except they remain relevant for people who upgrade technology slowly (or not at all).

Like so many initiatives, everyone has this amazing energy and passion as it starts, and then forgets to enable (and execute) changes over time. Fields have gotten REALLY complicated and specialised. "Web Application" (the WA in OWASP) is nearly impossible to define. HTTPS-based APIs? Mobile Apps? And the recommendations in all those arenas vary.

I don't have an answer. It's a hard, human problem. There's no tech solution here. I'm starting to think that mandatory term limits are valuable in lots of situations, not just #politics We should consider them for #boardofdirectors , steering committees, and other leadership roles, too. Force the leadership to change out to keep institutions vital and fresh.

https://www.csoonline.com/article/3689811/open-letter-demands-owasp-overhaul-warns-of-mass-project-exodus.html#tk.rss_all

Cybersecurity: New NYDFS Regulation Would Create Additional Board and Officer Requirements -- and Potential Liability (via Passle) by Richard Borden and Saphya Council (丝凡). https://ipandmedialaw.fkks.com/post/102i5px/cybersecurity-new-nydfs-regulation-would-create-additional-board-and-officer-req #law #privacy #nydfs #corporations #cybersecurity #boardofdirectors #ciso