Operational resilience | Risk Management & Reporting

June 7, 2023

Solving the mismatch between cyber security reporting and directors’ requirements

You are undoubtedly familiar with the headlines; you may have even become in part desensitised to them: ‘Cyber-attacks are increasingly damaging’, or ‘large amounts of personal data are most at risk’.

The important take-away, however, is that modern day thieves can easily gain access to your business IT systems and, before you know it, steal the data stored there. Along with public admissions that “unusual activity has been detected on our network”, is the familiar concern that worse is to come.

With media coverage, regulatory obligations and growing cyber security awareness, it is quite apparent that cyber-attacks are costly for everyone. They are disruptive to business, harmful to shareholder value and damaging to the reputations of all concerned.

What do the headlines mean for executives & directors?

In Australia and increasingly in the UK, we are seeing regulators focusing their attention on senior executives and directors and specifically on operational resilience. Most cyber risk management practices are in need of upgrading. Directors particularly, as part of their oversight responsibilities, need to understand the meaning and business implications of the security reports they receive.

Effective decision making and continuous disclosure obligations require that directors have access to the most current and accurate security information to inform their security decision making. Old-fashioned risk assessment techniques, still in use in many organisations, can seriously prejudice the quality of that decision making.

Organisations should therefore adopt evidence-based cyber risk management technologies quickly, for the timely protection of the reputations of their organisations and boards.

Read more on the mismatch between cyber security reporting and directors’ requirements, and how to solve it.

Download resource

Cyber Security Reporting for Directors and Executives


Related Cybersecurity Content


Read by directors, executives, and security professionals globally, operating in the most complex of security environments.