Powered by MOMENTUM MEDIA

Tesserent releases 12-point plan to empower company directors in improving cyber standards

The current cyber security climate and the rapidly growing number of cyber threats faced by organisations on a daily basis have resulted in more and more company boards and directors calling for bolstered cyber security.

Daniel Croft
Wed, 03 Jan 2024

According to business cyber security specialists Tesserent, cyber security is now one of the major concerns faced by company directors and boards.

“Cyber security is now a top operational risk. It has been a baptism of fire for many non-technical board members who this year have had a big wake-up call and are now investing in their upskilling and knowledge,” said Tesserent chief executive Kurt Hansen.

“Company directors are asking key questions about their role in cyber security, what they need to do and the path they need to take their organisation. This sharply contrasts a few years ago [when] most enquiries originated by technical teams and CISOs.”

To assist organisations in strengthening their cyber posture in a world where anyone is a potential attack target, Tesserent has developed a 12-point plan for company directors.

The plan outlines the early stages of implementing good cyber security practices all the way to assessing and analysing where improvements can be made. The list, as written by Tesserent, can be found below.

  1. Cybersecurity governance

- Establish a robust cyber security governance framework with clearly defined roles.

- Integrate cyber security seamlessly into overall corporate governance structures.

  2. Risk management

- Regularly assess cyber security risks, internal and external.

- Implement risk mitigation strategies and contingency plans.

  3. Regulatory vigilance

- Stay informed of data protection and cyber security regulations.

- Align cyber security practices with legal and regulatory requirements.

  4. Cyber security culture

- Cultivate a cyber security-aware culture at the board level.

- Invest in ongoing training for board members to stay ahead of emerging threats.

  5. Incident response planning

- Develop and regularly update your incident response plan.

- Conduct tabletop exercises to test response to various cyber threats.

  6. Supply chain/third-party risk management

- Assess and manage cyber security risks with third-party vendors.

- Ensure third-party contracts include cyber security requirements.

  7. Investment in cyber security

- Allocate ample resources and budget for cyber security initiatives.

- Prioritise investments based on risk assessments and specific organisational needs.

  8. Security metrics and reporting

- Establish key cyber security performance metrics for regular board reporting.

- Review and analyse reports to track the effectiveness of security measures.

  9. Insurance considerations

- Assess the need for cyber insurance and review policy coverage.

- Understand the terms and conditions for comprehensive protection.

  10. Board cyber security expertise

- Consider adding cyber security expertise to the board through hiring or advisory roles.

- Ensure board members have a baseline understanding of cyber security principles.

  11. Continuous improvement

- Regularly review and update cyber security policies and procedures.

- Stay informed about emerging threats and technology trends.

  12. Cyber security audits

- Conduct regular cyber security audits to assess security control effectiveness.

- Use audit findings to drive continuous improvement in the organisation’s cyber security posture.

Tesserent’s new initiative comes soon after the release of the 2023–2030 Australian Cyber Security Strategy, which outlines the government’s plan to make Australia the most cyber secure nation in the world by 2030.

Tesserent said the strategy “specifically addresses the need to scale our cyber security maturity and resilience to meet the challenges of the next decade and beyond”.

“Company directors and other senior leaders are at the forefront of helping secure our nation against cyber crime,” it said.

Daniel Croft

Born in the heart of Western Sydney, Daniel Croft is a passionate journalist with an understanding for and experience writing in the technology space. Having studied at Macquarie University, he joined Momentum Media in 2022, writing across a number of publications including Australian Aviation, Cyber Security Connect and Defence Connect. Outside of writing, Daniel has a keen interest in music, and spends his time playing in bands around Sydney.
