I would suggest everyone that sits on boards of SME organisations reviews this post from the NCSC (National Cyber Security Centre) and, in respect of those boards, determines exactly who amongst them is responsible for Cyber Security within their organisation. https://lnkd.in/eetAVApa There are often considerable skills gaps on boards regarding this subject matter due to its complexity and far-reaching scope, and taking responsibility for something one doesn't completely understand can be dangerous. If the answer is either: no-one is solely responsible for Cyber Security or "we have an IT support company that takes care of all that for us", then a rethink is definitely needed. A virtual (or fractional) CISO - a Chief Information Security Officer, with appropriate qualifications and experience can be engaged for as little as a day a month, and would immediately be able to provide organisations with the right assurances - from an individual who can communicate the “jargon free / board friendly” facts on the topic of cyber risk, relative to the organisation. Please do not hesitate to get in touch to learn more about Economit's vCISO services. #ciso #vciso #cybersecurity #cyberrisk #riskmanagement #fractionalciso #fractional #itconsulting #infosec #informationsecurity Economit Ltd Ryan Connolly Peter Stubley Cassandra Mayfield
Mike Donoghue CISSP CIPP/E PCIP’s Post
-
I often find myself talking to our customers about engaging with board level and senior management around the topic of cyber security and conscious decisions. The following article on the National Cyber Security Centre website specifically focusses on the challenges of who is responsible and how to build effective communications. Have a read of the article here: https://lnkd.in/eSiDeEbH This useful resource is a Board Toolkit to help organisations prioritise areas for investment, demonstrate compliance, understand their enterprise estate and identify critical business operation areas: https://lnkd.in/enM_v37P
How to talk to board members about cyber
ncsc.gov.uk
-
Systemic risk in complex digital business systems is a critical enterprise risk that too many organizations are overlooking. It is imperative that directors educate themselves and understand the implications of our digital transformations in an ever-evolving and highly-complex digital society.
Founder and CEO DDN, DDN.QTE, Conference Board ESG Center Fellow, PwC Partner (Ret.), USC Marshall Professor (Fmr.),
The CrowdStrike incident is an example of third-party systemic #cyber risk. In this case an inherent risk within complex and highly interconnected digital business systems. Hackers are also increasingly leveraging systemic cyber weaknesses in their targeting. Systemic cyber risk also extends well beyond third-party risks. Systemic cyber risk is a rapidly expanding dimension of enterprise risk that is largely ungoverned and under-managed. We created the DiRECTOR framework in 2019 and have been teaching and certifying #CIOS #CISOS and #Directors to this standard since then. I'm sharing the white paper to help raise the bar on understanding and our collective systemic resiliency. #QTE Digital Directors Network
-
Three years ago, I became a certified Boardroom Qualified Technology Executive (QTE) after seeing how often corporate leaders faced costly, risky decisions in the realm of digital threats—decisions that could be mitigated with the right insights and strategies. This journey led me to the Digital Directors Network (DDN) and its innovative approaches to digital risks, like the DiRECTOR framework which I believe is instrumental in transforming how enterprises manage cyber risk. The recent CrowdStrike incident is a prime example of the systemic cyber risks that are becoming all too common in our interconnected digital environments. These risks extend far beyond third-party vulnerabilities and require a deep, systemic approach to manage effectively. Why I Share This... I'm not just advocating for a framework or promoting Cyber Assurance, LLC; I'm sharing a part of my professional life's work. My commitment is to deepen our collective understanding and resilience against these pervasive risks. For those reevaluating their risk posture or simply needing guidance in these turbulent times, know that my team and I at Cyber Assurance are deeply engaged in these matters. We’re here to help, educate and, if needed, to guide. Reach Out for a Thoughtful Discussion... Feel free to connect if you’re seeking to understand or address the implications of digital risks more comprehensively. Let’s ensure that systemic resilience is more than a buzzword in your organization. #NASD CrowdStrike #CISO
-
We are excited to invite you to an insightful webinar that will shed light on the pivotal changes in the cyber security legislative framework within Europe. #NIS2 #cybersecurity #cyber #compliance #risk Key Takeaways: Understanding the Transition; Legislative Overview; Organizational Impact; Compliance Strategies; Roadmap Development
NIS2: What you need to know
https://www.ek.co
-
Managing cyber risk is imperative for every enterprise and every CISO. This is particularly relevant in today’s environment of: increasing threat of AI-driven cyber attacks; increasing personal liability for CISOs for data breaches; increasing regulatory pressure (e.g. SEC Cyber Rule). This paper provides you with strategies and best practices to create robust and effective board-level reporting so that your organization can be better equipped to navigate potential threats and prevent material damage. #riskmanagement #crq
-
How can CISOs measure the financial impact of cyber risk across their organisation? Cyber Risk Quantification is no longer an optional 'nice to have' but rather a critical tool for validating cyber security plans to boards and other key stakeholders. Read our best practice tips for communicating cyber risk and justifying current and future strategic cyber investments. https://lnkd.in/gDzbQ-A9 #CISO #CIO #CRO #generalcounsel #compliance #cybersecurity
-
D&O and Cyber policies can differ in responding to cyber-attacks. Learn how to pick the right policy for your company and avoid coverage gaps. https://ow.ly/Omsc30sGFR4 #Risk #Cyber
-
D&O and Cyber policies can differ in responding to cyber-attacks. Learn how to pick the right policy for your company and avoid coverage gaps. https://ow.ly/CupZ30sGPLV #Risk #Cyber
-
Are you looking to explore innovative solutions to improve your company’s cybersecurity capabilities and reduce risk? 🔐 Attend the Cybersecurity & Identity Summit - a two-day event dedicated to cyber risk prevention and digital identity management. For more information, click below! 🌐https://cis2024.ca/ 📧 [email protected] Tej Khachh | Canadian Cyber Forum (formerly the Ottawa Cybersecurity MeetUp) #CISsecurity #Cybersecuritytips #identityprotection #AIsecuritysolutions #quantumcomputing #CIScommunity #Cybersecuritynews #identitysecurity #AIsecuritythreats #quantumencryption