
An Essential Cyber Risk Playbook for Modern Organisations

Safeguarding digital assets and maintaining robust cyber security protocols is at the heart of Governance Institute’s latest Cyber Risk Management Guide.

Unveiled this month, the guide highlights the importance of identifying critical assets and establishing a comprehensive data governance and protection process. It outlines how boards can determine and implement their cyber risk appetite through a well-structured cyber security framework.  

Megan Motto FGIA FCG, CEO of Governance Institute, has stressed the importance of directors being across cyber risk management strategies.

“In today’s digital landscape, cyber risk management is not just an IT issue but a critical governance concern.” 

“Our guide provides directors and executive staff with the necessary tools and frameworks to navigate the complexities of cyber security and protect their most valuable assets,” she said.  

The guide explores information security and makes clear the need for accountability and responsibility within organisations. It explores the importance of implementing effective controls to prevent, detect and respond to information security incidents. It also underscores the necessity for organisations to possess the requisite skills and capabilities at all levels, including the board, to interpret and understand information security matters and make informed decisions.

Other areas explored in our latest guide include: 

  • The critical aspect of crisis management, detailing how senior executives and board members should interact with incident management teams, technical teams, corporate teams, customer management and media relations during a cyber event. 
  • A framework for making pre-emptive decisions, such as whether to pay a ransomware demand and the legal implications of such actions. 
  • Notification requirements for cyber incidents, including regulatory, contractual, and reputational obligations.  
  • Advice on the appropriate timing for notifying insurers and the specific policies under which claims should be made.

The release of this guide comes at an important time, as organisations face an ever-evolving threat landscape. By adopting the principles and practices outlined in Governance Institute’s Cyber Risk Management Guide, organisations can strengthen their resilience against cyber threats and ensure they are well-prepared to respond to incidents effectively.  

You can view the guide here  
