When we talk about the board and cyber security, we have moved away from the board doesn’t get it, to the board gets it, to the board doesn’t feel they are sufficiently briefed when a breach takes place. But is all of this evasive talk to avoid responsibility, or is there still a lack of communication between cybersecurity professionals and the board?

In this podcast, Steve Durbin, Managing Director ISF, offers insights into the specific actions the board needs to take to embed cybersecurity into business strategy. With the May 2018 deadline for the EU GDPR fast approaching, the board should be viewing upcoming legislation as an opportunity for cultural change, rather than a compliance burden.