Given the ever increasing importance of cybersecurity, in general and specifically as it relates to ICS, one of the most important relationships inside your company is between the board of directors and those responsible for ICS security. Yet this relationship faces many challenges because of the very different perspectives each side comes to the table with. This session will address some of the most significant issues you need to address and provides guidance on effective approaches.
Critical to all of this is understanding how to frame the information, at times complex and technical, you present to the board in a way that is understandable, compelling and resonates with them. This requires that you show the board the connections between the security issues you deal with and the governance issues — long-term growth, revenue, reputation, investment (including in cybersecurity), risk management and regulation — that are within a board’s purview. In addition, this requires a new way of thinking and informing the board about ICS cybersecurity risks, in particular in how to identify and measure the activities that determine the effectiveness of your risk mitigation efforts.