<img src="https://ws.zoominfo.com/pixel/PMY3ZvbpZt27ywWwZSBB" width="1" height="1" style="display: none;">

Business Copiers & Printers

EO Johnson offers multifunction copiers and printer solutions that are cost effective and easy to use. Trust in the exceptional service and rapid response time of our knowledgeable local service technicians.

Production Print & Finishing

EO Johnson is your one-stop shop for digital production presses, wide-format printing, and finishing equipment. We provide local service and support and have the most technologically advanced Customer Experience Center in the Midwest.

Locknet Managed IT

Locknet Managed IT is a Managed Security Service Provider (MSSP) that is both FFIEC-examined and SOC 2 Type 2 audited. We support businesses in Wisconsin, Minnesota, Iowa, and Illinois with technology strategies and solutions to improve your security position. 24/7/365 remote and onsite support.

locknet_logo

 

Digital Transformation Solutions

EO Johnson’s digital transformation consultants have solutions for every size and type of business. Reduce paper and secure your files with our bulk document scanning. Then streamline your business with process mapping and secured document management.

Resources

Gain insights and expand your knowledge with our collection of tools and resources. Stay informed about the latest in business technology, print services, and process improvement. 

Does Your Board Care About Cybersecurity?

2 min read

hero_angles
Locknet Managed IT

In the not-so-distant past, cyberattacks were infrequent and rarely made the front page of most major news outlets. Fast forward to today and news of cyberattacks are so frequent, they’re on a fast track to becoming the new normal.

Cybercrime news ‘overload’ causes many businesses and corporations to tune out from the ever-growing imminent threats. These threats damage brands and seriously delete bottom lines—making CEOs and board members more accountable. Yet, 75% of corporate boards are not actively involved in cybersecurity oversight.

Part of the problem is cybersecurity has traditionally fit ‘outside’ the definition of business risk.

The formal educations of most CEOs or board members did not include terms like: black and grey hat hackers, hacktivists, phishing, shadow IT, the dark web, etc. Historically, most boards left cybersecurity to “their IT guys” to figure out, and in today’s world, that is no longer enough.

So where to begin?

Taking on the issue of cyber risk from the boardroom is generating serious discussions about who should handle what. Is it a full-board issue or should it be delegated to an audit risk committee? Boards are rightlfuly concerned about shareholders and whether the right questions are being asked.

The National Association of Corporate Directors (NACD) suggests moving from an “our-layers-of-defense-make-us-secure” to “breach-is-inevitable-let’s-be-ready” mindset. That is not to say that organizations should give up on defense. In fact, quite the opposite is true—cybersecurity initiatives should be consuming a larger portion of the IT budget.

But, no matter how much is invested in a strong defense, readiness for a breach must be part of the picture. As a result, directors ask more probing questions about readiness, response, detection and how to handle a breach if it happens.

Here are 7 cybersecurity leadership questions board members should ask their organization:

  1. Are profit-generating assets adequately secured?
  2. How are we protecting high-value information?
  3. Is our cybersecurity strategy aligned with our business objectives?
  4. What measurements are used to test whether our cybersecurity program is effective?
  5. Are we investing enough resources in cybersecurity priorities?
  6. How would the organization detect a breach?
  7. How does our security program compare to our peers?

After a board becomes more familiar with its organization’s cybersecurity environment, members can drill down to deeper questions. The deeper question topics include threats, insurance, detection and how their organization finds and responds to incidents. It’s also important to know how the board will be informed of breaches.

All indicators show, today’s cyber security buck stops with the board of directors. They can no longer be bystanders because the cyber security risk issue has become as critical as the many other issues boards face.

The Wall Street Journal in an article titled, “Cybersecurity: Boards Must Ask Sharper, Smarter Questions” recommends that boards ask about lessons learned and how changes are made after cybersecurity incidents. They also suggest focusing on the overall evaluation of the security team’s response to the incident. This can lead to more mature discussions on the effectiveness of security controls and the overall security program.

The time to put mechanisms and find potential partners to assist your board is now.

angle_down_right
click_Icon

angle_up_middle

No Comments Yet

Let us know what you think