At the January 2016 FEI -SIM joint dinner, cyber security responsibilities of the c-suite and boards was the m panel topic of the year. Top observations shared by experts from Motorola, Accenture and CME group:
  1. Your third party vendors and interconnected business partners are a critical risk which goes overlooked.
  2. Cyber security is now a standing board of directors topic at progressive businesses. Those who have not been hacked just do not know (yet). Ensure the board is aware of the current state of cyber security.
  3. Digital risk is part of your enterprise risk management responsibilities. Governance, education, and focused on continuous operational resolution are critical business leadership duties (CEO on down).
  4. As executives, you owe the market, employees, and customers a truth based story on how you are managing this risk. Disclosure is critical to brand trust.
  5. There is no safe harbor and you will be hacked (or have been). The cyber security experts to help you are few and growing more expensive. Be mindful of the investment and duties to do 'the right things' for sake of your customers. Brand damage can be critically impactful.
  6. It is not just malicious mischief- nation states and terrorist organizations are now routinely targeted companies with persistent attack campaigns. Treat your data and business operations accordingly in your protection.