Your Board’s Cybersecurity Oversight Probably Isn’t Good Enough By STEVE SANDERS, Chief Risk Officer and Chief Information Security Officer, CSI Most bank boards struggle with cybersecurity oversight because they don’t know what questions to ask, how to interpret the answers or whether their security measures are working. Directors may approve cybersecurity budgets without understanding if those investments actually reduce risk, or they may review incident reports without grasping whether response times meet industry standards. They can describe their cybersecurity framework, but often can’t explain what their institution does with the results. The challenge is compounded further when cybersecurity is presented as a jargon-filled IT issue 11 WEST VIRGINIA BANKER
RkJQdWJsaXNoZXIy MTg3NDExNQ==