Six Data Security Questions that Every Board Needs to Ask (HelpNetSecurity)


As data breaches become a constant headline, data security should be a major concern for company boards everywhere. Unless a board member has been hired specifically to provide oversight for cybersecurity programs, many boards may find themselves unprepared to perform the necessary level of due diligence.

This lack of understanding and the inability by the board to challenge cybersecurity assumptions is one of the key reasons why Chief Information Security Officers perennially lack the resources and funding to prevent data breaches, like that at Equifax.

The good news is that boards can take the risk management concepts they already know well, and apply those to cybersecurity by properly framing the conversation using these six questions.