IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

How to elevate cyber security needs to be a board-level issue

Is your senior leadership team taking security seriously enough?

To say cyber security should be a top priority for any modern business feels as though it should be entirely uncontroversial in today’s climate. Between high-profile breaches, the risks opened up by our new ways of working and the well-established risk to reputation, finances and the general operation of your company, surely every organisation will be prioritising security as part of their IT investment?

Related Resource

Getting board-level buy-in for security strategy

Why cyber security needs to be a board-level issue

Intercity 'Getting board-level buy-in for security strategy' whitepaper coverFree Download

The reality, however, does not always match up to this ideal. Security professionals still often have to work hard to improve security through tools, training and other techniques – and are met as often as not with indifference or hostility. Even where the board is concerned, while they might understand the need for bolstering security, securing the money, resources and support to make that happen is not always easy.

Having the board on-side when it comes to cyber security is key. They are the people who set strategy for the whole organisation; they can enforce security policy in a way that team leaders cannot, as well as ensuring the business operates a uniform security system that meets its needs.

On top of this, the business as a whole looks to them for leadership. If the people at the top are understood to be fully embracing security and the measures it takes to keep the company safe, it’s likely to help diffuse opposition throughout the ranks.

Speaking the right language

Of course, you can’t rely on the board having an in-depth understanding of IT and security issues. Some may have a grounding in the technical issues at hand. But you need to speak to them in a language that everyone can grasp, and one that communicates the importance of investing in your cyber security strategy.

One key is striking a balance between what the board needs to know and what it doesn’t. It’s worth making sure they can understand key concepts like zero trust and two-factor authentication, as these tie directly into how security operates in the business on a practical level. You can, however, stop before getting into the nuts and bolts of Trusted Platform Module (TPM) technology or sandboxing – in other words, concepts that are likely to confuse them rather than get them on board.

You also need to dispel some of the enduring myths surrounding cyber security – and particularly the criminals that perpetrate it. The stereotype of the faceless, hoodie-wearing villain can muddy the issue. This conception of the lone-wolf hacker can obscure the fact that cyber crime is a big, well-organised business, and that, in this environment, any organisation can become a target.

Your goal is to give the board a clear understanding of the level of risk involved, the potential cost of failing to address these risks, and a clear roadmap of how you intend to build your security systems to prevent these breaches from happening. The case is a strong one – it’s your job to communicate it. With the board’s backing, it will be much easier to access the technology you need and to roll it out successfully across your company.

To learn more about making your case for cyber security investment, and what to do once you have, read our co-branded IT Pro/Intercity report, ‘Getting board-level buy-in for security strategy’

Featured Resources

2023 Strategic roadmap for data security platform convergence

Capitalise on your data and share it securely using consolidated platforms

Free Download

The 3D trends report

Presenting one of the most exciting frontiers in visual culture

Free Download

The Total Economic Impact™ of IBM Cloud Pak® for Watson AIOps with Instana

Cost savings and business benefits

Free Download

Leverage automated APM to accelerate CI/CD and boost application performance

Constant change to meet fast-evolving application functionality

Free Download

Most Popular

What's powering Britain’s fibre broadband boom?
Network & Internet

What's powering Britain’s fibre broadband boom?

3 Feb 2023
Dutch hacker steals data from virtually entire population of Austria
data breaches

Dutch hacker steals data from virtually entire population of Austria

26 Jan 2023
Windows 10 users locked out of devices by unskippable Microsoft 365 advert

Windows 10 users locked out of devices by unskippable Microsoft 365 advert

3 Feb 2023