.

Join Us Soon:

 

Artificial Intelligence to Genuine AI: The Future Depends on How You Prepare

 

Date & Time

Oct 6, 2023 12:00 PM in Pacific Time (US and Canada)

Description

 

In the early days of AI development, we used to wryly say it was "artificial" Artificial Intelligence. We can’t say that now, as development and expansion of opportunities are growing. It’s time to understand the potential and how to prepare for best practices with AI. Join our interview with our team of experts who will share their insights and advice on how to best take advantage of AI in the future.

Webinar Registration - Zoom

 

  Welcome to Our Latest New Members to Our Boardwise Community

Hellman & Friedman

Investors in developing companies, H&F is committed to best practices in both management and governance. They support their companies with both financial and advisors and educational support for professional development, guidance and governance.  

 

 Lab2Market 

 Opening opportunities for entrepreneurs in Viet Nam to collaborate with U.S. investors and partners for growth. We are proud to help as counsel for long-term success with best management and governance practices. 

 donna.hamlin@hamlinharkins.com 

Contact us for our service for

 

Independent

 Board Evaluations

 

Our goal is to provide insights to improve the contributions and value of board work based on global best practices research. 

 

 
LOOKING FOR BOARD CERTIFIED CYBER EXPERTS? 
  
 
We have trained talent to help you. 
 
 
 
 
 
REACH OUT WITH ANY CHALLENGES TO GOVERN OR MANAGE WELL. OUR GOAL IS TO SOLVE WHAT IS IN THE WAY OF EXCELLENCE. 
 
 

  

Manage and Govern Well
October, 2023
.

Boards Are Slow to Add Cybersecurity Expertise

 

Brushing it Aside is Hardly the Answer

  

By Brian Barnier, Boardwise Partner

 

The latest study of S&P 500 US-listed companies shows only 12% have board directors with relevant cybersecurity credentials. Of those, only 7 had an active or former Chief Information Security Office on the board. According to the report by the Diligent Institute and Night Dragon VC firm*, 88% of companies have no director with cyber expertise, despite governance experts emphasize how crucial it is to have credentialed cyber experts aboard to oversee and manage cyber risks. Instead, most have a director with some adjacent technology experience, which hardly prepares a board facing how to handle a cyber attack.

 

Most of us understand cyber expertise on a board is crucial for good governance. Since directors are responsible for ensuring risks are managed properly, they must have cyber knowledge to ask the right questions and take wise steps.   

 

Why the Drag?

 

One reason is it is not obligatory. The rules proposed by the Securities and Exchange Commission would have required companies to disclose which board members had cyber experience, however, this did not make it in the final rules now in play.

 

Another reason directors cite is they find it hard to find the right candidate with the combination of cybersecurity technical expertise, executive business experience and understanding of the wider knowledge to contribute to all other topics in governance duties.

 

How to Shift from Sitting Down to Sitting Up

 

There are key steps we all can take to solve this.

 

Board Education

  • Many of our boards are taking the initiative to take classes – and certification programs to be well educated about cyber topics, especially in line with risk. DCRO offers a program that is helpful to consider.
  • Similarly, we help certify cyber experts in corporate governance to prepare then for the broader duties ahead as directors.

Provide Directors New Ways to Guide Management to Solve the Real Problem in Cybersecurity

 

We focus on skills to ask the right questions in our Cybersecurity Training programs.

 

  • In a causal conversation – not in the board meeting -- gently ask the management team what they see as top problems in cybersecurity.
  • You will most likely hear “changing threat landscape” (including ransomware), “emerging risks,” “social engineering,” “poor security culture” referring to general employees, “cloud/IOT/mobile devices,” and – the catch-all “poor cyber hygiene.” A people-aware management team will add “stress and burnout.”
  • Then gently ask “why?” to get to the real root cause to solve the real problem. Our distinctive approach empowers board members to ask questions to solve the real problem.
  • If you hear answers like “we need more tools or certifications,” keep gently asking “why?”
  • This practice protects from making management feel set-up. The objective of a board member is to add value by asking more insightful questions – long before a breach occurs.

Whatever path you take, the objective is to end up at the nature of the system in which cyber risk lives. Most cyber pros are set up to FAIL because the methods used are not appropriate for the nature of the system. Compliance checks are failed methods. In the famed Fishbone Diagram, Environment drives the Method.

 

This discovery is important because many cyber pro methods and math lag by decades (sometimes a century) behind those used in other professional disciplines. This is the why surveys of cyber pros frequently report stress and burnout – causing breaches.

 

The simpler way is to apply Industrial-Strength Design Thinking that has existed in the U.S. since at least the mid-1800s. This empowers board members to empower management who them empower cyber pros. Cyber pros can better protect companies and people from danger when through more insightful and helpful questions of management when corporate board members bring their whole selves (personally and professionally) to discussions of cyber in the board room.

 

When board members are confident about systems design for a purpose in which they have lived for years, then they can more easily apply it to cybersecurity. This empowers board members to guide management to prevent breaches by empowering cyber pros. We help directors practice this in our programs to draw from peoples’ professional and personal backgrounds to understand systems designed for a purpose.

 

We prepare and certify cyber talent to serve on boards. We also provide education programs for boards. Contact us to learn how we can help.

-----------------------------------------

*https://www.diligentinstitute.com  NightDragon and the Diligent Institute, the research and think-tank arm of executive software developer Diligent

 

  donna.hamlin@hamlinharkins.com 

Brian Barnier provides Boardwise clients with programs to address risk management, cybersecurity and AI-ML Decision science. A published author on all areas of risk management, he educated governments on these topics on behalf of the World Bank and teaches data science graduate seminars at City University in NY.