Episode 28 of the podcast covers a director's and officer's view of mission-critical privacy and cyber security issues.
Q1. (03:13) What are the NACD’s guiding principles for effective cyber-risk oversight? Do boards actually follow these principles?
Q2. (08:50) With regard to governance and cyber risk management frameworks, when a cyber incident occurs, what are companies doing right and wrong in addressing this interplay?
Q3. (12:57) What role do these principles play with D&O insurance?
Q4. (16:16) How detailed have you seen boardrooms get on how to classify risks?
Q5. (21:13) Understanding that security incidents are inevitable, how do you advise clients to work with outside experts? Should everything be under privilege that relates to a potential vulnerability that may result in a future breach?