Until employers start to prioritise information security, then the culture won't change and employers will continue to make mistakes. But if those mistakes do happen and data is breached, then employers need to be smart and act quickly to ensure the best possible defence is available.
Senior management must understand the state of information or cyber security today and how it affects enterprise objectives and the delivery of value to customers and other stakeholders. A number of recent publications talk to this topic.
The role of the Board of Directors has necessarily adapted to include an increased focus on risk management. In our digital world, cyber-attacks are now a pervasive risk and the perceived lack of board oversight has garnered scrutiny by consumers, regulators, legislators, litigants and the media.
Established in 1995, First Reference Inc. (known as La Référence in Quebec) provides Canadian organizations of any size with practical and authoritative resources to help ensure compliance.