Digital Mindset
Digital governance updates, posts about innovation and other news.
7 questions Directors should ask about cyber & data security
7 Questions directors should ask about cyber and data security. My summary notes following the AICD Australian Governance Summit 2023 session on Cyber Security that asked “Does your Board have the right safeguards in place”.
AXA Future Risks Report 2022 - #3 Cyber
For the fifth year in a row, cyber threats rank among the top three hazards in the AXA Future Risks Report 2022. Since 2018, cyber security threats have been among the top three expert-ranked risks, trailing only climate change and geopolitical instability in this year's report.
Governing prioritisation, product delivery, and product outcomes
One of the most significant risks for organisations engaging in digital product development is ensuring the product roadmap is delivered on time and on budget, as well as ensuring the business is focused on the appropriate things. These risks are addressed through governing prioritisation, product delivery, and product outcomes.
Digital governance subcommittee
Establishing clear roles, responsibilities, and decision-making processes for the use of digital technologies within an organisation is part of good IT governance for boards. This can involve defining the board's role in overseeing and managing the organization's use of digital technologies, as well as setting policies and procedures for the organization's use of digital technologies.
Cybersecurity resources for boards
Recent cyber breaches on firms such as the Medibank Cyber Breach and Optus attack serve as a reminder of the importance of cybersecurity and the need for businesses to take precautions against such threats. Boards cannot claim a lack of awareness of the risk to their organisations given the frequency with which data breaches and cyberattacks are revealed. As a result, directors must have a broad understanding of cybersecurity risk and what it means for their oversight responsibilities, as cybersecurity has evolved into a risk that must be addressed as part of a larger enterprise-wide risk management framework rather than as a distinct issue.