The Internet Security Alliance (ISA) and the European Confederation of Directors’ Associations (ecoDa) released Cyber-Risk Oversight 2020, a handbook on cyber-risk management for corporate boards of directors in Europe.
Improving cybersecurity and risk management
“A cyberattack is not what a Board of Directors wants to face in the midst of the Corona crisis. Our handbook will help prevent such a scenario”, said Béatrice Richez-Baum, Director General at ecoDa.
“The COVID-19 virus is a catalyst for expanded digital transformation. We are already seeing substantial adaptation by organizations who are being forced to operate in an increasingly on-line fashion,” said ISA President Larry Clinton.
“As enterprises move ever more quickly to adopt online mechanisms, it is easy to forget that these needed innovations also can create increased cyber risk. This handbook provides a roadmap for organizations’ leaders to follow and increase the resiliency of their systems in this new environment.”
Cyber-Risk Oversight 2020: The features
The new handbook, co-branded by ISA, AIG and ecoDa, is based on the Cyber Risk Handbooks ISA has previously developed for the US National Association of Corporate Directors.
“The increased risks of cyber-attacks are a reality that companies have to cope with. Business resilience depends on the capacity of board members to embed cybersecurity in all aspects of their strategy”, said Béatrice Richez-Baum.
The process of developing the European version of the Cyber Risk Handbook included multiple workshops and webinars with European corporate directors, which led to several adaptations reflecting the unique cultural, legal, and business differences in Europe.
“The prescriptions found in these handbooks have been tested in global surveys and found to significantly improve cybersecurity budgeting and enhance cyber risk management by better connecting business goals with cyber security and creating a culture of security,” said Clinton.
“Working with the ecoDa community and AIG has enabled us to adapt the principles and toolkit in these handbooks to the unique European cultures and perspectives. While this handbook is uniquely European, it is also consistent with the global trend toward understanding cybersecurity as more than just an IT issue but as an enterprise-wide risk management issue,” said Clinton.
The handbook is built around five core principles, illustrated by a practical toolkit. The substance is summarized in a short, straightforward version that helps the reader navigate the essential elements.