Andrzej Cetnarski

What 3 Board and C-Suite mindset shifts are critical to preventing a breach? Do your Directors and Senior Executives exemplify this mindset? Listen in to Episode 31 of your daily ™ and subscribe to it in video on Spotify and YouTube, or in audio on Audible, Apple Podcasts, or wherever you get your podcasts: https://podcasters.spotify.com/pod/show/cybernationcentral/episodes/Ep31-What-3-Board--C-Suite-Mindset-Shifts-Are-Critical-To-Preventing-A-Breach-2023-11-15-e2bvglq/a-aak5ufe

To learn how Nation Central® can turn your entire Board and C-Suite and your individual Directors and Executives into Certified Cyber-Ready Fiduciaries™ (CCRF™) with our proprietary ™ certification platform, message us or schedule a consultation at https://www.CyberNationCentral.com/Consultation

Ep31: What 3 Board & C-Suite Mindset Shifts Are Critical To Preventing A Breach (2023.11.15) by CyberBoardCast™ - Your Daily 90-Second Board & C-Suite Cyber Truths with Andrzej Cetnarski, MBA, MPA What 3 Board and C-Suite mindset shifts are critical to preventing a breach? Do your Directors and Senior Executives exemplify this mindset? Listen in to Episode 31 of your daily ™ and subscribe to it on Spotify, Apple Podcasts, Audible, or whereve...

Heads up: just charged and its with and internal control ! See below press release and .

The SEC's focus on public company disclosure of breaches will unearth that most companies have gaps that can get them into hot water. This is not a joke.

It's time that each , , Director, and take their cyber roles seriously. The resources are here. The SEC is just getting started with , and is already in talks with the SEC about what it can learn for its smaller business segment and private company .

It's time your Board and Management implement a cybersecurity protocol that gets you ahead of the regulatory compliance curve and instead chasing the hacker innovation curve, which is what will actually keep you breach deterrent -->

CEOs and Board Chairs, are you making your CISO the de facto CEO of your cyber organization? Why is that a costly mistake, even with the most competent of CISOs…. Listen in below and subscribe on YouTube: subscribe to CyberBoardCast™ on Youtube: www.YouTube.com/

Learn more at www.CyberNationCentral.com



https://youtu.be/RiP8aleZb0o?si=VMcvjog717Cbd-TA

CyberBoardCast Ep5 (2023.10.20): Why Making The CISO The CEO Of Your Cyber Org Is Not A Good Idea... CEOs and Board Chairs, are you making your CISO the de facto CEO of your cyber organization? Why is that a costly mistake, even with the most competent of CI...

CEOs and Board Chairs, how should you (not just your CISO) be thinking about your breach prevention protocol? Listen in and drop any questions below or via message.

Nation Central®

We stand with Israel

We stand with Israel.

A lot is being said about the MGM breach. But here is the fact: corporate Boards and C-Suites' current approach of fighting cyber breaches through mostly tech solutions and over-reliance on CISOs as the saving grace has allowed a $7.9 trillion cybercrime economy to bubble up - the third largest economy in the world after US and China. So think about it.... is what we've been doing working...?

And what if I told you that that same cybercrime economy is growing at 15% per year while cybersecurity is growing at 9.7%? Still think what we've been doing is working?

This is not Boards or C-Suites' fault - adversaries are crafty. But, unless you're ok with your 37.5% chance of being breached in the next 24 months, it's time for a new, holistic approach to organizational breach deterrence. In this BizTech article, based on my and our Cyber Nation Central® CSO & Board Director Marcus H. Sachs's remarks at RSA Conference 2023, Robert Keaveney does a brilliant job of summarizing the issue for Boards and Executive Teams.

Spoiler alert: cybersecurity is not just the things Boards & CEOs think it is, and not knowing that and not getting your protocols in place is costing you a potential breach.

https://biztechmagazine.com/article/2023/04/rsac-2023-build-healthy-culture-cyberdefense-start-board-directors

RSAC 2023: To Build a Healthy Culture of Cyberdefense, Start With the Board of Directors Boards and C-suites often underestimate the risk to their organizations and to themselves. That needs to change.

Folks, you can listen to pundits pontificating the SEC going easy on required cyber expertise on public Boards, or you can realize that hackers don't care. In fact, hackers love the SEC going easy on you: seeing lack of cyber expertise on your Board, hackers know that:
1) your cyber oversight is not optimized (that’s not a question). That makes you a target.
2) the cybersecurity of your Board Directors is a likely exploit into your company.

‘nuf said? And by the way, it's not the SEC's job to protect your customers, assets, and ROI. It's yours. If you can't self-discipline your organization into cyber-readiness from the Board-down, yield the CEOship or Board Chairmanship to someone who can. That’s what’s fiduciarily required.

https://www.wsj.com/articles/cyber-experience-on-boards-still-seen-as-critical-in-new-sec-rules-937702bd?mod=djemCybersecruityPro&tpl=cy

Cyber Experience on Boards Still Seen as Critical in New SEC Rules Companies will no longer need to say if their boards have cybersecurity experts under new rules from U.S. financial regulators, but that hasn’t diminished the importance of having them available, company directors say.

In today's dynamic cyber threat landscape, safeguarding businesses and investors demands a collective effort from Boards and C-Suites, beyond relying solely on the Chief Information Security Officer (CISO). At Cyber Nation Central®, we emphasize the shared responsibility of protecting against cyber threats, not as a "nice-to-have," but as a necessary step to prevent exploitation by threat actors.

Our Certified Cyber-Ready Fiduciaries™ (CCRF™) program reflects this belief by extending beyond the CISO's role and involving every individual in leadership positions. Cybersecurity is not just a technical concern but a strategic one that requires attention from the highest levels of decision-making.

As the business world increasingly integrates with the digital realm, acknowledging our collective responsibility becomes essential. We must move away from solely delegating cybersecurity to the CISO and instead adopt a collaborative approach where all executives actively contribute their expertise and diligence.

Looking ahead, we are eager to participate in the upcoming SEC public meeting*, engaging with partners, industry peers, and investors to foster a safer digital environment.

As leaders within our firms, we must unite and implement robust security measures, adopting a Certified Cyber-Ready Fiduciary™ mindset. By doing so, we can promote the common good for society, policies, and investors, ultimately paving the way towards a more secure and resilient business landscape.

*The SEC is holding a public meeting 7/26/23 to “enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incidents by public companies." Stay tuned for our summary analysis.
https://www.sec.gov/os/agenda-open-072623

The CISO's evolving role includes being exclusively accountable for all cyber strategy matters. However, should individual Board Directors and Executives partner with the CISO by getting to know their very specific roles in developing the cyber strategy for the organization and their corresponding fiduciary duties and tactical responsibilities in healthily growing the cyber profile of the organization?

Regulatory bodies emphasize cybersecurity as a crucial issue for all executives. But complying with cyber regulations is a low bar when you compare what hackers are after, because regulations are a lagging indicator of what must be done. Instead, cyber culture must evolve to keep current with the significantly more exacting nature of the hacker innovation curve.

And culture starts at the top. Set your cyber-ready culture by getting your entire Board and C-Suite Certified as Cyber-Ready Fiduciaries (CCRF™) with Cyber Nation Central® and gain admission into the Cyber Nation Central® Directors and Officers Network™ (CNCDO™). Learn more: https://www.cybernationcentral.com/Consultation

https://www.dice.com/career-advice/solarwinds-sec-and-cyber-changing-times-for-cisos

SolarWinds, SEC, and Cyber: Changing Times for CISOs The SEC is increasing its scrutiny of SolarWinds and the actions of the company’s executives, including its CISO, in the wake of a massive supply chain attack. If the commission does move ahead with civil enforcement charges, industry insiders predict the role of the security leaders and their tec...

I'm thrilled to speak on "securing the organizational ecosystem" at the upcoming Digital Summit by KIKrr. With the rising level of Boards and C-Suites' cybersecurity-related culpability, I'll be addressing:
1) Directors and Executives rising cyber fiduciary duties critical for organizational regulatory compliance.
2) Their rising need for more effectively supporting the CISO and their resulting tactical responsibilities critical for actual breach deterrence, and
3) What's required of Boards and C-Suites to build a sustainable culture of breach-deterrent cybersecurity that permeates the organization from the Board down.

Join us this coming Wednesday, July 26th, at 11am ET. Register at: https://www.linkedin.com/events/7084940913990406145

Securing the Organizational Ecosystem | LinkedIn In an increasingly interconnected world, safeguarding your organization's digital infrastructure is paramount. Join us for this important event to hear from industry leaders Jeff Roberts, Matt Kunkel, and Andrzej Cetnarski about the latest trends, strategies, and innovations in securing your organiz...

CEOs, Board Chairs, and CFOs: did you know that you have a 100% probability-adjusted chance of experiencing a $1.8mm hit to your Profit & Loss in the next 12 months from a cyber breach ($2.1mm for healthcare)? 100%....

Why?

The average cost of breach is $9.9mm ($11.1mm in healthcare). You have an 18.75% probability of experiencing a breach in the next 12 months. Therefore, you have a 100% probability-adjusted chance of incurring the resulting $1.8mm cost over the next year ($2.1mm in healthcare).

Moreover, this excludes hidden, "beneath-the-surface" costs: operational disruption, customer and revenue loss, insurance premium increases, reputational and psychological damage, loss of IP, etc.. These “beneath-the-surface” costs which have been shown to amount to nearly 30x that amount, making your potential average exposure exceed $50mm over a 5-year period, from one breach.

What’s the solution?

Unless you implement a proper breach prevention protocol from the Board down, a conservative Board ought to require a contingency reserve for this contingent liability. A less-conservative Board should at least mandate financial statement disclosure. Get the full analysis here: https://www.CyberNationCentral.com/whitepaper?utm_source=socialmedia&utm_content=probabilityadjustedbreachcost&utm_campaign=thoughtleadershiporganic20230718&utm_medium=facebook