Why Your Board Needs To Bolster Their Cyber-Security Involvement

Although cyber-security has remained a top concern for UK organisations, recent data revealed that senior managers have yet to join the conversation. The government’s Cyber Governance Health Check discovered that just 16 per cent of corporate leaders demonstrated a full understanding of the potential impacts that a cyber-attack could have on their organisation. What’s worse, more than 30 per cent of senior managers reported that they don’t possess a cyber-security strategy that aligns with their organisational objectives—making it clear that cyber-security is far from a priority in senior-level decision-making processes and business operations.

Nevertheless, company leaders like you could suffer significant consequences if you lack awareness of your organisation’s cyber-security measures. Specifically, senior managers who fail to include themselves in their company’s cyber-security conversations could be found negligent in the event of a data breach, leading to hefty GDPR fines, lost customers or contracts, and reputational damage.

Don’t leave cyber-risk management responsibilities in the hands of your IT department or individual employees. Use this guidance to ensure senior managers like you are involved in organisational cyber-security measures and promote a company culture of cyber-risk awareness. 


  • Join the conversation — To fully understand your organisation’s unique cyber-risks and help make an informed decision on cyber-security measures, you need to communicate regularly with your company’s cyber-experts. Be sure to include a cyber-security professional (e.g. a leader from the IT department) on your board or senior-level leadership team. In addition, make it a priority to discuss cyber-risks and control measures on a routine basis.
  • Don’t ignore documentation — A major component of comprehending cyber-risk within your organisation is utilising proper documentation. Be sure that your organisation’s corporate leaders are involved in the creation and review process of this documentation, including your company’s cyber-risk assessment and cyber-incident response plan. Further, your senior-level leadership team should take advantage of resources that your organisation provides to all staff members—such as tips for avoiding phishing scams and how to make a strong password.
  • Secure cyber-cover — More than anything, you can ensure ultimate protection against cyber-security threats with robust insurance solutions. 

For more information, contact ICB Group today.

E: reception@icbgroupuk.com
T: 01784 608 100
W: www.icbgroupuk.com/contact-us

The content of this Profile is of general interest and is not intended to apply to specific circumstances. It does not purport to be a comprehensive analysis of all matters relevant to its subject matter. The content should not, therefore, be regarded as constituting legal advice and not be relied upon as such. In relation to any particular problem which they may have, readers are advised to seek specific advice. Further, the law may have changed since first publication and the reader is cautioned accordingly. © 2019 Zywave, Inc. All rights reserved.