- One of the best mid-range sports watches I've tested is on sale for Black Friday
- This monster 240W charger has features I've never seen on other accessories (and get $60 off this Black Friday)
- This laptop power bank has served me well for years, and this Black Friday deal slashes the price in half
- This power bank is thinner than your iPhone and this Black Friday deal slashes 27% off the price
- New Levels, New Devils: The Multifaceted Extortion Tactics Keeping Ransomware Alive
NCSC to Offer Cyber Governance Guidance to Boards
Boardrooms must play a critical role in managing cyber-risk for their organization, the UK’s National Cyber Security Centre (NCSC) has argued in a new video, ahead of publishing a dedicated training pack for boards.
The Cyber Governance Training Pack for Boards will be rolled out in the coming year to offer “knowledge and practical guidance” to help decision makers in their understanding of cybersecurity governance, the NCSC said on Friday.
“Not only do boards carry the legal responsibility and accountability for cyber-governance within their organization, but they also have the opportunity to harness the benefits that technology offers, drive their company’s agenda, and deliver real value throughout the organization,” wrote NCSC Economic and Society team member Clare C.
The pack is designed to complement a new Cyber Governance Code of Practice proposed by the Department of Science, Technology and Innovation (DSIT) in January. That code is currently open for Call for Views until March 19. There’s also an NCSC Cyber Security Toolkit for Boards which provides guidance on how to implement the actions detailed in the code.
Read more on cyber governance: Board Members Struggling to Understand Cyber Risks
NCSC director of operations, Paul Chichester, highlighted cybercrime, ransomware, business email compromise (BEC), state threats and patriotic hackers as major threats facing organizations of all size across all verticals.
“There’s an increasing amount of information available to boards from their own teams. It’s important for organizations to be situationally aware in terms of those threats,” he said.
“The NCSC provides significant resources in that space on our website and through information exchanges and other engagements. And we look to try and educate as much as we can on the changing nature of that threat.”
Boards should also consult the wealth of open source information on evolving threat landscape trends, and talk to their peers, partners and competitors to stay informed, Chichester suggested.
“I see their role as managing risk. And just as boards manage various types of risk, cyber needs to be a key one they’re focused on and managing,” he concluded. “Their role is not to be experts in the subject but to really offer challenge – making sure the organization is managing risks.”