What's the board's first question when a cybersecurity incident occurs?

Security & GRC Resilience

Resolution time39%

Cost47%

Reputational Impact13%

Other (please share below!)

491 PARTICIPANTS

3k views1 Comment

Sort by:

Strategic Banking IT advisor in Banking2 years ago

I guess the first question will be around "how long to fix this". The longer it takes, the more visibility it will have. This will impact the reputation of the organization and will cost more (customer loss, cost to fix, penalties if any).

But I agree with James, has it impacted any regulatory rules? Because this leads to another ball game: you will be audited by the regulator authority.

This also applies not only to Cyberattack but also for databreach/dataleak.

Content you might like

Are you seeing changes in the quality or speed of threat intelligence from sources you relied on in previous years? Can you share how you are being impacted so far by the uncertainty around public-private partnerships for cyber information sharing?

What’s your top barrier to adopting AI-driven pentesting?

Lack of mature vendor solutions42%

Trust in AI accuracy62%

Budget constraints17%

Skills to operate the tools28%

View Results

How can security leaders in smaller organizations stay informed about emerging threats if they don’t have access to formal threat intelligence feeds?

Has anyone drafted an SOW for a cloud-based SIEM with setup, migration, and maintenance? I’m working on a FedRAMP-authorized SIEM SOW, migrating from on-prem Splunk, covering data, searches, alerts, dashboards, and models. Scope includes Environment Setup: Cloud provisioning, configuration, testing. Connectors/Parsers: Custom data source integration. Content Development: Rules, use cases, threat feeds. Performance Tuning: Query/index optimization. Runbooks: Operational procedures. Also required: 24x7 support, maintenance, lifecycle and application management, role-based training, and documentation. Must comply with NIST SP 800-53, CJIS, and FedRAMP Moderate+. Goal: Secure, scalable SIEM for rapid deployment. I may be missing elements, so suggestions are welcome. Please share redacted SOWs or tips if possible.

What's the board's first question when a cybersecurity incident occurs?

Sort by:

Content you might like

Are you seeing changes in the quality or speed of threat intelligence from sources you relied on in previous years? Can you share how you are being impacted so far by the uncertainty around public-private partnerships for cyber information sharing?

What’s your top barrier to adopting AI-driven pentesting?

How can security leaders in smaller organizations stay informed about emerging threats if they don’t have access to formal threat intelligence feeds?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

How are U.S. CISOs Addressing Liability Risk?

CrowdStrike Outage: Impact And Recovery

Impact & Perceptions of A Privacy-First Digital Era

Challenges & Tools For A Privacy-First Internet Age

IT and Infosec Collaboration on Vulnerability Patching

Take Your Insights On-the-Go