TMCnet News

NACD, AIG, ISA and DHS Announce New Effort to Enhance Corporate Boards' Cybersecurity Oversight
[July 30, 2014]



(Targeted News Service Via Acquire Media NewsEdge) WASHINGTON, July 29 -- The National Association of Corporate Directors issued the following news release: Today, the National Association of Corporate Directors (NACD) (http://www.nacdonline.org/), American International Group (AIG) (http://www.aig.com/home_3171_411330.html), the Internet Security Alliance (ISA) (http://www.isalliance.org/) and the Department of Homeland Security (DHS) (http://www.dhs.gov/) announced at the National Press Club the availability of the NACD Directors' Handbook on Cyber-Risk Oversight on the US-CERT website.



DHS' Critical Infrastructure Cyber Community (C3) Voluntary Program helps align critical infrastructure owners and operators with existing resources that will assist their efforts to adopt the National Institute of Standards and Technology (NIST) Cybersecurity Framework and manage cyber risks. The NACD handbook, developed with ISA and AIG, advises directors to set the expectation that their management teams have considered the NIST Framework in developing cyber-risk defense and response plans.

The handbook focuses on cybersecurity oversight at the board level, and is organized around five key principles that cover a wide spectrum of board-level considerations related to oversight of cybersecurity. Cyber-Risk Oversight is the first private sector resource to be featured on the C3 Voluntary Program's Getting Started for Business website (http://www.us-cert.gov/ccubedvp/getting-started-business) and is available for public download on the NACD website (http://www.nacdonline.org/Cyber).


Ken Daly, president and CEO, NACD; Mark Camillo, head of cyber products for the Americas Region, AIG; Larry Clinton, president and CEO, ISA; and Dr. Andy Ozment, Assistant Secretary for Cybersecurity and Communications, DHS discussed the handbook's recommendations at the event.

"We applaud NACD's commitment to strengthening our Nation's cybersecurity posture beyond just their members," said Dr. Ozment. "It demonstrates that the NIST Framework is being embraced across industry sectors through a far-reaching organization like NACD, and at the most senior levels of the corporate Enterprise Risk Management community - corporate boards of directors. These most senior business leaders steer our nation's economy."

Cyber-Risk Oversight embraces the voluntary industry-government partnership approach that is critical to enhancing the nation's cyber security. Through its programs DHS has emphasized the importance of cyber literacy at the board level. The handbook is designed to provide corporate directors with expert guidelines to improve their cybersecurity oversight.

"Ninety percent of directors participating in our latest governance survey indicated they would like to improve their understanding of cybersecurity risk," said Ken Daly, NACD president and CEO. "This handbook provides boards with practical tools to do just that, including self-assessment questions for directors, sample board report dashboards, and guidelines for conversations with management."

"The complexity of cyber threats has grown dramatically over the past decade. As the intricacy of attacks increases, so does the risk they pose to corporations," said Mark Camillo, head of cyber products for the Americas Region for AIG. "Conscientious and comprehensive oversight of cyber risk at the board level is essential."

Boards should adapt the recommendations set forth in the handbook based on their company's unique characteristics, including size, life-cycle stage, business strategy, industry sector, geographic footprint and culture.

"Recent breaches in both the public and private sectors have put the issue of cybersecurity on every board's agenda," said Larry Clinton, president and CEO of ISA. "This handbook is a natural extension of ISA's mission to create private sector standards and practices that integrate both the technological and economic aspects of cybersecurity, and provides a useful complement to the NIST framework by placing it in an enterprise wide risk management context."

Access the Cyber-Risk Oversight handbook at www.NACDonline.org/Cyber.

About DHS

The DHS National Programs and Protection Directorate (NPPD) is responsible for safeguarding our Nation's critical infrastructure from physical and cyber threats that can affect national security, public safety, and economic prosperity. DHS actively engages the public and private sectors as well as international partners to prepare for, prevent, and respond to catastrophic incidents that could degrade or overwhelm these strategic assets.

(c) 2014 Targeted News Service