How can companies prepare for, weather, and recover from a breach? In this podcast, Andrea Bonime-Blanc, Founder and CEO of GEC Risk Advisory, offers her best practices for cyber resilience: they begin and end with leadership. She recommends executives build and grow a culture that is cyber resilient, with boards aware of cyber risk and employees practicing cyber hygiene.
Fair or not, CISOs carry the responsibility for cyber breaches. Consequently, it is important that these often tech-trained professionals expand their skill sets. Andrea believes “CISOs need to be cross-disciplinary,” able to make boards aware of risk and capable of speaking to business executives in terms they will understand.
Once the inevitable has happened, what is the best and, crucially, fastest way to recover? Have a crisis management plan and a liaison on the board, and ensure leadership communicates with stakeholders empathetically and effectively. For Andrea, the companies that have recovered most successfully are those with leaders who are “stakeholder savvy, not just shareholder savvy.”
- 02:06 — How can companies plan to be cyber resilient? Build a cyber-resilient culture inside your company, and fold in contractors too.
- 05:33 — CISOs’ skill sets need to be cross-disciplinary.
- 08:34 — The components you need to respond well to a breach or attack.
- 12:01 — Good leadership and communication are the differentiator between coping with a breach and not.