How not to end up like Optus

The Metronome for Impeccable Timing goes to the Uni Queensland team that has just published research on boards of directors overseeing cyber security.

Ivano Bongiovanni and Uni Queensland colleagues* interviewed non-executive directors of 43 organisations, “on current cybersecurity practices and on the factors that drive directors’ engagement.”

Their evidence, “suggests that boards are not nearly as engaged in cybersecurity as they are in other areas of oversight” and the researchers propose, “practical recommendations to enhance directors’ engagement in this crucial area, ranging from strengthening existing regulations, to codifying best practices in cyber-reporting.”

The paper is behind publisher Elsevier’s paywall – which makes the US$39 it costs a really good deal for every board of directors in the country who have seen what happened to Optus and don’t want to see it happening to them.

* Megan Gale, Ivano Bongiovanni, Sergio Slapnicar (Uni Queensland) “Governing cybersecurity from the boardroom: Challenges, drivers, and ways ahead,” Computers and Security, 121 (October 2022)