In the modern world, virtually all levels of organisational activity have technology implications, and the potential damage from a cyberattack or data breach can be significant. It is important that boards receive comprehensive reporting from management about cyber risks and incidents, and actions taken to address them.
To help improve reporting on cybersecurity, our guide sets out:
- guiding principles on reporting to boards
- questions to ask in developing cybersecurity metrics
- sample dashboards.