This guest post was contributed by Arvind Parthasarathi, CEO of CYGNVS
Over the last few years, we’ve all come to recognize that cyber incidents are no longer a question of "if" but "when." Recently, I had the privilege of speaking at the Stanford Directors' College, where I emphasized the crucial role that board members must play in cyber incident response.
1. Out-of-Band Communication: A Must-Have
During a crisis, when your company’s primary systems are compromised or down, secure communication and collaboration become the lifeline of your response. That’s why having an Out-of-Band (OOB) communication plan is indispensable. This isn’t just about having a backup system—it’s about ensuring the Board, Management, internal teams, and external providers like outside counsel, forensic consultants, and insurance providers can all collaborate securely and effectively under pressure.
My Step 1: Establish and rigorously test a dedicated Out-of-Band platform. It’s critical that everyone involved is trained on how to use it, and that the system is regularly updated to reflect any changes in roles or personnel.
2. Develop a Board-Level Playbook
When a cyber incident strikes, there’s no room for improvisation. While IT and security teams have their own response protocols, the board needs its own playbook, tailored specifically to its role in determining materiality, communicating with stakeholders, and guiding the company through the crisis.
My Step 2: Develop a concise, actionable playbook for the board that outlines clear thresholds for involvement, communication protocols, and decision-making processes. This playbook should be treated as a living plan, regularly refined and updated based on new insights and evolving threats.
3. Engage the Board in Tabletop Exercises
It’s not enough to simply have a plan—organizations need to practice it. By incorporating the board into tabletop exercises, companies can ensure they are fully prepared for real-world scenarios. These exercises should focus on situations where board-level decisions are critical, ensuring alignment and readiness across all leadership tiers.
My Step 3: Regularly involve the board in these exercises. It’s an opportunity to stress-test the playbook, identify any gaps, and refine the board’s role in a controlled environment, so the organization is ready to act decisively when a real crisis occurs.
Conclusion
The role of the board in cyber incident response has evolved from oversight to active leadership. By securing out-of-band communication, developing a clear playbook, and involving the board in regular exercises, companies can ensure that when a cyber incident happens, the leadership team is prepared to respond decisively and effectively. It’s not about preventing every breach—it’s about how to lead through it when it happens.
In today’s threat landscape, board readiness isn’t just a priority—it’s a strategic imperative.