Majority of the borad members (68%) in the FTSE 350 said they have not been trained in responding to a cyber attack, according to the research by accountants KPMG on behalf of the government. Marco Cova, Senior Security Researcher at Lastline commented below.
Marco Cova, Senior Security Researcher at Lastline:
“While this is a somewhat worrying revelation, it’s definitely not surprising. Board members with diverse job functions within an organization have struggled in the past to understand how serious a cyber-incident can be. While large-scale incidents like Not Petya may have gone some way towards remedying this, there is still something of a disconnect between the security team, the CISO, and the board. This is a problem which requires a top down solution, with the board and the CEO engaging more with how to respond appropriately to cyber incidents in order to set a good example for all employees below them in the business.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.