top of page
Search

Key Take-Aways | December 18, 2018

  • Writer: Millstein Center
    Millstein Center
  • Feb 1, 2019
  • 2 min read

Updated: Mar 4, 2020


Key takeaways


The critical lessons from this session of the Board Leadership Forum are:

  • Managing cyber risk - management should be reporting to the board on several key areas to help the board manage cyber risk:

  • Strategic reporting often takes the form of heat maps or risk maps that identify the major risks to the organization. A key question for board members: “Does management understand how this organization creates cyber risk?”

  • Contextual reporting complements strategic reporting by depicting maturity scales that illustrate what level of maturity the organization needs to have—relative to peers, industry standards, or a desired state—to appropriately address the risks presented in the strategic report. A key question for board members: “How is our organization evaluating risk relative to external factors?”

  • Tactical reporting is management’s articulation of the priorities, programs, and investments it is making to advance the maturity of the organization. A key question for board members: “How is our organization executing on key initiatives to advance our cyber maturity?”

  • Operational reporting illustrates the key performance indicators (KPIs) that suggest whether the key initiatives in the tactical report are succeeding (e.g., the number of attempted intrusions that were successfully thwarted, the number of unpatched servers.) A key question for board members: “Are the KPIs we are receiving the right ones—how and why are they indicative of success? What are the KPIs we need to address going forward?”.

  • Governor John Kasich’s advice for how boards and executives can be good leaders:

  • Communicate to employees how much they matter to an organization, and how their role fits into the larger picture of what an organization is trying to accomplish.

  • Cultivate an organizational culture that allows leaders to connect with employees in a meaningful way (for example, by visiting the warehouse floor, throwing and attending social events for employees and their partners, keeping open lines of communication between employees and management, and celebrating “heroes” of the organization and recognizing people for their accomplishments and contributions).

  • Board members should see it as their role to push management towards compassionate leadership.

  • All lead directors should have one-on-one conversations with members of their boards to learn about who they are and what drives and motivates them, as well as to communicate to them the importance of their individual role on the board. Establishing authentic relationships with all members of the board can give the lead director invaluable information about each board member, while also contributing to a strong culture in the board room where everyone feels valued.

The meeting summary is available for download here.


 
 
 
Ira-Millstein_Center-Logo PNG (All White

Copyright © 2019 The Trustees of Columbia University in the City of New York 

Copyright © 2019 Deloitte Development LLC. All rights reserved. 

bottom of page