ABSTRACT
The board has a fiduciary responsibility to protect the shareholders and other stakeholders such as regulatory agencies, customers, and the social and cultural environment from negative impacts resulting from the company’s actions. For the largest corporations, reporting to the board of directors by the C-level suite and executive management on strategic initiatives is not something new. The board of directors has become more interested in cybersecurity issues. In many chief information security officer minds, the Target Breach was a very significant event, a watershed moment that was discussed at most security conferences at the time. There are multiple activities in the delivery of cybersecurity to be taken to reduce the cost of cybersecurity, and these activities may be demonstrated to the board. Increasing focus on business resiliency can also reduce the business impact of an outage by quickly enabling the organization to get return to the normal state of operations.
