The first step in having a board that understands your company’s cybersecurity protocols and procedures is to provide them with what they need to know about cybersecurity to operate effectively.
Having a high-level understanding of your cyber risks is important, but it isn’t enough. The National Institute of Standards and Technology Cybersecurity Framework provides a set of industry standards and best practices for managing cyber risk that board members should review. This includes core principles that should be incorporated into your cybersecurity plan:
To learn more about these principles and to find out how experienced legal counsel can work with your business to make sure appropriate regulatory interests are understood and proactively addressed, request a copy of our complete white paper "7 tactics for winning the cyber war: Battles strategies for directors and officers."