Board and Senior Management Interactive Awareness and Responsibility Workshop
The Board Awareness Workshop is designed to aid Senior Management in educating the Board and gaining the support of the Board for a comprehensive cybersecurity strategy and implementation. Each workshop is customized to the needs of the organization, but a typical workshop includes:
- Understanding the regulatory and fiduciary responsibilities related to cyber risk, including: NIST Cybersecurity Framework, NERC-CIP, FISMA, FFIEC, COBIT, COSO, SCO, etc.
- Systematic approach to understanding which assets (data, Intellectual Property, physical) need protection, and the value of those assets to the organization in an agile environment
- Understanding the difference between OT (Operational Technology), IT (Information Technology), Internet of Things (IOT), Industrial Internet of Things (IIOT), mobile, vehicular systems, and how to address all of these in an integrated cybersecurity strategy
- Understanding the threats to those assets and what is your attack surface
- Understanding how to protect those assets, from current and future threats, and the costs associated with that protection – strategic, organizational, managerial, and technology
- Determining the ROI on investments in cybersecurity, how to prioritize cyber-protection of assets, and the possible uses of cyber insurance as an alternative
- Crisis Management and how to respond to a breach: incident management, business continuity planning, disaster recovery, public relations.
- How to work with and support senior management in providing the agile cyber-resilience that enables senior management to provide, measure, and report on, an acceptable level of risk.