Every member of an institution–from board member to secretary–is responsible for playing a part in data privacy and cybersecurity. The caveat to this rule is that no two roles should have the same level of responsibility, and institutions which fail to properly assign duties risk inefficiencies at best, and compliance-related fines at worst. There are…
Editors Note: This article was written by Advisory Board Member, Jody Westby, for LeadersEdge, the content platform of The Council of Insurance Agents & Brokers.
As most organizations and governments closed their offices and ordered employees to work from home in response to the coronavirus, cyber criminals and nation states began taking advantage of workers who were suddenly easy targets.
This is not just an IT/information security problem; it is also a governance problem. Boards of directors and executives not only have to steer their companies through the unprecedented challenges associated with the coronavirus; they also have to review their governance of information security, business continuity plans, and risk transfer strategies to ensure that IT systems are secured and fraud and corruption are controlled. This is no time to dawdle; the threat environment has changed, and cyber attacks and fraudulent schemes are already impacting organizations around the globe.