FINAL WORD
Lani Refiti , ANZ Regional Director at Claroty
According to a recent report on diversity within Fortune 100 Senior Executives , almost 70 % of newly-appointed independent board members in 2019 came from the ranks of CEOs or senior finance and operating roles , not from technology roles .
Cyber-risk and cybersecurity are integral elements in every organization ’ s overall risk management strategy and awareness of their importance is rising . In such a climate , boards must include the expertise of CIOs and CISOs to understand and advise on these critical issues .
CIOs , CISOs and board directors can provide informed and expert advice on how to counter cyberthreats , how to build resilience , and how to implement the most effective digital initiatives . They can also identify cyber-risks and recommend risk mitigation strategies .
Their absence at the board level can easily lead to complacency , or stasis , when boards lack the background and understanding to make major
It sent a clear message to organizations of all kinds to not be complacent in the face of increasing cyber-risk . technology-related decisions . Today their expertise is sorely needed . There will be no return to a pre-COVID normal . Disruption is inevitable and agility is essential .
For many organizations there is another dimension to the need for tech expertise on boards . Soon , an increasingly wide range of organizations in Australia will fall under the category of critical infrastructure providers and will be subject to new legislative demands .
The Security Legislation Amendment ( Critical Infrastructure ) Bill 2020 , now before Parliament , greatly extends the scope of what is considered critical infrastructure , adding an additional seven sectors to the category . Organizations in sectors including food and grocery , healthcare , transport and education will now need to be much more diligent about their cybersecurity and resilience .
Without strong cyber and technical representation on boards , organizations are exposing themselves to a range of business risks , including noncompliance with regulations , and the danger of cyberattacks . Those with strong technical representation will achieve better business outcomes , be more competitive and more resilient .
Overall , we need to see greater diversity on company boards in relation to skills and knowledge , specifically the presence of cyber and digital skills . p
84 INTELLIGENTCIO APAC www . intelligentcio . com