Cyber Governance Action Plan for Board Members
Top Ten
1
2
3
4
5
6
7
8
9
10
Know what you're trying to protect and from whom.
Adopt a recognized standard for management and board oversight of cyber security.
Set a target state of cyber security.
Create a written, budgeted security roadmap.
Use a custom board dashboard to oversee cyber risk.
Ensure the independence of the CISO with dotted-line reporting to the board.
Establish a cross-functional cyber committee.
Conduct penetration testing to stimulate advanced attacker activity.
Police third-party vendors with access to your network.
Protect the balance sheet against cyber risk.
Source: Aon’s Cyber Solutions whitepaper: “Top Ten: Cyber Governance For Boards Of Directors”