Cybersecurity risk management regimes being developed by U.S, EU and APAC regulators are driving cybersecurity risk management compliance into the board rooms of public and private organisations. In our view creating situational awareness through risk management, enabling boards need to make better more informed decisions about their cybersecurity posture left of bang.
Where once boards had an option to implement cybersecurity they must decide if they want to participate in a regulated market, they must implement cybersecurity risk management. Organisations that are not publicly traded should also be concerned, as they maybe suppliers of public firms that will be expected to understand and manage their cybersecurity supply chain risks.