Need a unique essay?
Order now

Research Paper Example: Role of Board Members in Cybersecurity

5 pages
1256 words
Wesleyan University
Type of paper: 
Research paper
This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Increased technological advances in data management systems are continuously posing threats and security risks in many organizations. Cybersecurity is a concern for todays businesses. Therefore, the success of organizations lays in the ability to manage Cybersecurity, Reber (2017). Cybersecurity helps in effective management of information and organizations data in order to ensure there is no breach of information. Data management has become a very crucial management issue since it possesses many security risks to a company. Padgett-Beale is a data-intensive organization; therefore, the management should put in place appropriate Cybersecurity strategies that address Cybersecurity risks. It is the fiduciary duty of the Board of Directors to protect the assets of the organization for the benefit of the investors. According to National Association of Corporate Directors (2017), the Board of Directors should provide proper oversight of cyber risks in their organization. Cybersecurity risks expose an organization to security threats that can damage the reputation of an organization hence affecting the assets of the investors. Therefore, Cybersecurity management is a key role of the Board of directors to safeguard the safety of an organization.

Board of Directors has a responsibility to provide governance system for an organization. This includes formulating policies and strategies that minimize the exposure of an organization to any form of risks. Therefore, Board members have a responsibility to provide strategies that ensure effective management of Cybersecurity. The Board of directors should promote a culture of responsibility among all employees in terms of Cybersecurity issues. To develop policies and strategies that are effective in managing Cybersecurity, Board members need to understand the risk appetite that cyber -attacks pose to an organization.

The Board members should be aware of the implication of a breach to the general wellbeing of an organization. According to National Association of Directors (2017), Cyber criminals can attack an organization in order to access classified information on contracts, human resource, client data and other organization sensitive information. Such classified information can be used to compromise the credibility of an organization. Therefore, the issue of Cybersecurity is a crucial concern of the Board of Directors. Every organization is vulnerable to cyber-attack. According to Reber (2017), shareholders and stakeholders expect the Board of Directors to manage any form of risk in an organization. Since it is the responsibility of the Board of Directors to protect the interests of the shareholders and stakeholders, management of Cybersecurity is a key role of the BoD.

The Board members should be dedicated to providing effective and efficient oversight of the Cybersecurity team to ensure that proper security measures have been put in place for effective management of Cybersecurity threats. Lack of proper oversight of Cybersecurity management has promoted increased vulnerability of organizations to cyber-attacks. To provide effective oversight of Cybersecurity, Board of Directors should have cyber literacy. Appropriate knowledge about Cybersecurity will help the Board of directors to understand terminologies when reviewing Cybersecurity reports hence effective oversight. Sufficient information on Cybersecurity will help to ask the right questions during the review of the measures that have been put in place to manage Cybersecurity.

It is the duty of the board of directors to comply with the regulations and the legislation put in place by the government. According to the Company Act (2008), all Board of Directors has a fiduciary duty to protect the interests of the shareholders and stakeholders of the organization. Therefore, the board of directors should make decisions that are in line with expectations of the shareholders and the stakeholders. The board of directors should ensure that Cybersecurity strategies put in place comply with the legal expectations, Fitzgerald et al. (2017). This will facilitate the compliance of an organization to the set regulations by the government. Cybersecurity issues are considered as technical issues that should be handled by a technical team. This is not the case according to National Association of Corporate Directors; the association states that the board of directors should address cybersecurity issues since a breach could lead to legal complications on an organization.

The board of directors should have a clear visibility of the network that manages organizations information. Ability to understand how devises and users promote Cybersecurity is important for a board member. Cybersecurity is an issue that concerns every employee in an organization. Therefore, board members should ensure that proper measures are put in place to prevent any breach. The board of directors should ensure that their devices are updated in terms of security maintenance in order to prevent cases of cyber -attack. Since critical information is shared among board members through network devices, all board members should ensure that their devices are well configured to prevent any gap that can be exploited by cybercriminals. The board members should facilitate proper maintenance of organizations network systems by providing proper management support.

For the Padgett-Beale organization to achieve effective Cybersecurity management, the board of directors has a role to play. According to Peter Gleason, Directors dont need to be technologists to play an effective role in cyber risk oversight- but every board can take the opportunity to improve the effectiveness of their cyber oversight practices. Veltsos (2017). The following areas need to be addressed in order to achieve effective Cybersecurity management. Creating awareness about Cybersecurity to all the employees, developing a strategy that addresses management of Cybersecurity, recruiting a Cybersecurity committee, incorporating Cybersecurity issues in the goals of the organization and developing a mechanism for evaluating the effectiveness of Cybersecurity measures put in place. Addressing these issues will help the board members to minimize the vulnerability of the organization to cyber risks. Promoting education and creating awareness about Cybersecurity will help all employees to b be responsible when handling organizations data hence promoting increased Cybersecurity.

The board of directors should develop policies and strategies that address how Cybersecurity issues should be managed and promoted in the organization. Lack of proper frameworks that address how Cybersecurity should be managed has increased the vulnerability of many organizations to cyber-attacks. Therefore, appropriate strategies should be developed in order to manage Cybersecurity issues. The board of directors should develop a special team that is responsible for managing Cybersecurity. The team should be responsible for ensuring that all the departments in the organization promote Cybersecurity. The board of directors should incorporate Cybersecurity into the goal of the organization. This will facilitate continuous improvement of the measures taken to address Cybersecurity. Since organizations are faced by technological advances every day, issues of Cybersecurity are dynamic. Therefore, strategies to manage and control Cybersecurity require continuous update and improvement. The board members should develop mechanisms to evaluate the progress of Cybersecurity systems. Effective evaluation and appraisal of cyber management systems will facilitate confidence on Cybersecurity hence reducing organizations vulnerability to cyber risks.

Board of directors has a critical role to play to ensure that an organization is safe from Cybersecurity threats. Proper communication channels on what is required from every employee concerning Cybersecurity helps to promote responsibility among employees. Therefore, board members should ensure that information flows seamlessly through all departments. The board members should offer oversight on the progress and management of Cybersecurity. Sufficient information on Cybersecurity will help the board members to manage Cybersecurity effectively hence providing safety and security for the organizations assets.


Companies Act. (2008). Duties of a Director.

Fitzgerald, P. & Ridgway, W. (2017). Cybersecurity Trends for Boards of Directors. Harvard Law School Forum on Corporate Governance and Financial Regulations.

National Association Corporate of Directors. (2017). Directors Handbook on Cyber Risk Oversight.

Reber, G. (2017).Corporate Board Responsibility: The Cybersecurity Buck Stops Here.Veltsos, C. (2017). NACD Publishes Five Cybersecurity Principles Every Board Director Needs to Know.

Have the same topic and dont`t know what to write?
We can write a custom paper on any topic you need.

Request Removal

If you are the original author of this essay and no longer wish to have it published on the website, please click below to request its removal: