Board News, Articles and Updates

Equifax board picks former Broadcom exec for tech committee

Two months after revelations that an Equifax breach had exposed information on 145.5 million US consumers, the company has added Scott A McGregor, former CEO of Broadcom Corp. to the board and to its technology committee.

Equifax CEO departs, following CSO & CIO; breaches truly a board issue

Equifax CEO Richard Smith has abruptly retired following a massive breach that exposed the data of 143 million US consumers and thousands in Canada and the UK, and cast the company's security practices into question.

InfoSec problems? Listen to your CISO, put more emphasis on recovery

For those businesses that want to reduce the brand risk of cyber-attack, Marc Lueck says more emphasis on recovery is the easiest place to start. It will also go a long way to future proofing organisations against upcoming threats.

Risk management to strategic resilience: The evolution of cyber-security

CISOs do indeed need to articulate cyber risk to the board in a business context, but equally, the board need to get a better grasp of cyber and prioritise criticality of security integrity vs continuity of service vs profitability.

The cyber-security buck should stop with executives, finds survey

New research by VMWare has found that a great deal of UK workers believe that the responsibility for cyber-security should go all the way to the board of directors.

Roundtable: C-suite responsibilities in the case of a breach

SC Magazine's most recent roundtable opened with the question, when it comes to a breach, where does the buck stop? Who own's the breach?

90% of UK CIOs fear GDPR

A new survey by Egress Software has shown UK CIOs to be wary of incoming EU data protection laws

Cyber-security a board issue, says Dido Harding

Appearing in front of a House of Commons Select Committee, Dido Harding defended TalkTalk's cyber-security plans and took responsibility for incident response, describing security as a board issue and business risk.

The future CISO: The next Captain Kirk?

Future Chief Information Security Officers (CISOs) will be multi-skilled business-enablers, the 21st century equivalent of Captain Kirk from Stark Trek.

Sony's 'small' spend on breach remediation - but are Russians inside network too?

Sony Pictures Entertainment has spent around US$ 15m (£9.87m) on investigating and remediating last year's data breach, which saw hackers steal terabytes of data.

Information security budgets on the decline?

A new report which claims information security budgets have fallen has been called into question, but carries better news for security companies and security awareness training.

IT security pros prioritise new tech over training

New research from IT security vendor Websense and Ponemon Institute indicates that security professionals want their companies to invest in new technology, but are doing little to 'upskill' existing staff.

CISOs breaking free from IT control, missing board support

Some of the UK's chief information security officers (CISOs) are breaking away from IT budgets and reporting lines but are still missing C-level support, a new study reveals.

CISOs still grappling with security awareness training

A study of some of the UK's top chief information security officers (CISOs) has revealed that just 21 percent are conducting security awareness training on a regular basis.

Cyber security not a UK boardroom priority

New research from consulting firm KPMG claims that cyber security and data protection are only ranked third as priorities in UK boardrooms, following people skills and plant/machinery spending.

Security awareness training should 'change how people think'

Security awareness training must be high on the agenda of best practice when companies fight off cyber threats, experts concluded at the SC Congress London.

CEOs still don't get cyber security, study finds

A new study reveals that boardroom executives are still unaware of cyber threats, much to the chagrin of those working in information security.

Businesses still don't value CISOs, survey finds

The continuing rift between IT security professionals and 'the business' has been highlighted by a new study that shows many organisations still attach little value to cyber security - even though they know the threat is growing.

SC Congress London: Bottom-up security awareness has C-level benefits

A stellar panel of infosec experts told a packed audience at SC Congress London on Thursday that security awareness can play an integral role in educating C-suite on threats coming from inside and outside the company.

Will your business be a board walking empire?

There should be a better connect between the board, security team and employees - sound familiar?