Select a region
Boards of directors must take steps to make themselves aware of cyber threats and their organisations’ continuity plans, according to the panel at a recent cybersecurity seminar organised by local telecoms company Sure.
The seminar, entitled ‘Securing the Perimeter: your cybersecurity questions answered’, featured a panel moderated by Sure’s head of sales Vince De La Mare.
In the wake of the recent Wannacry attack culpability was high on the agenda and the four-person panel agreed that board members had to take responsibility for cybersecurity and understand the threats faced by organisations in the modern business landscape.
Responding to an audience question, Sure’s digital champion Justin Bellinger said that cybersecurity is a board-level concern and that Sure has technically-able people on its own executive committee to ensure that knowledge is shared and understood.
“A board member doesn’t necessarily have to understand the technical facts underpinning an attack but they should understand the basics of how attacks work, what the business’ continuity plan is and the impact cyberattacks can have,” he said.
Wayne Atkinson, group partner at Collas Crill, agreed: “Certainly for financial services companies, the regulator will say that the buck stops with the board; ignorance of an issue is not a defence.”
The panel addressed a series of audience questions and concerns such as whether data regulation has gone too far, whether people are the weakest link in an organisation and what the top cyber threats are currently.
Colin Vaudin, the States of Guernsey’s chief information officer, spoke about what the government is doing in response to increased regulation and to protect islanders.
The governments of Guernsey and Jersey are in touch with the National Cybersecurity Centre in the UK to share information and establish a partnership.
Mr Vaudin said: “We’d like to implore local companies to anonymously share information on cyberattacks as this will enable us, as an island, to be more prepared and have more knowledge on the types and frequency of attacks we face.”
The panel agreed that businesses should know their digital supply chains, be aware of where their digital data is being stored and familiarise themselves with the EU’s General Data Protection Regulation (GDPR) which comes into play in 2018.
Johan Dreyer, director of technical services at email security provider Mimecast, said: “You can’t protect against cyberattacks unless you do the basics really well; keep your software up-to-date, use supported systems and install the latest patches. You wouldn’t leave the doors unlocked on your house, so don’t do the same with your cybersecurity.”
The seminar was held at the Digital Greenhouse on Wednesday 14 June.
