Cyber risk is now a core business risk and it is necessary for board directors to understand the basic fundamentals of cybersecurity. To this end, we held our second annual Cybersecurity Board… | Katherine Hennessey

9mo

Cyber risk is now a core business risk and it is necessary for board directors to understand the basic fundamentals of cybersecurity. To this end, we held our second annual Cybersecurity Board Academy this week for over 30+ of our nation's top board directors from critical infrastructure companies. We did this in partnership with the NACD (National Association of Corporate Directors), Mastercard, U.S. Secret Service and McKinsey & Company. This two day training took place at NACD headquarters in Arlington, Virginia and at the Secret Service's James J. Rowley Training Center (JJRTC). The Training Academy was first conceived of by Mastercard Fellow, Ron Green, and NightDragon CEO, Dave DeWalt, during a study we undertook on Corporate Cyber Responsibility (CCR) for the Cybersecurity and Infrastructure Security Agency examining how to better prepare directors to meet their oversight responsibilities relating to cybersecurity. I love working with this fun group to put on this unique and valuable educational experience. Thank you to our government partners, including the Federal Bureau of Investigation (FBI) and CISA, for their participation. BTW I got some serious points from my kiddos for the cool pics with Air Force One and Marine One, right outside our classroom! Jenn DeBerge Brett DeWitt Marcel Bucsescu Kimberly Simpson Peter Gleason Justin Greis Tucker Bailey Jen Easterly Jon Brickey, Ph.D. Bryan Vorndran Matt Hartman Kyo Dolan Michael R. Centrella Michael Lashlee, CISSP Julius Genachowski Suzanne Brown Mary Winston David McKeown Paul Michaels, NACD.DC, QTE, CISSP Amy De Salvatore Barbara Massa Sarah Kuranda Vallone

17 Comments

Bob Zukis 9mo

The NACD believes boards should not have directors with #cyber expertise on them. Your thoughts? https://ddn.events/DOMINO2025

3 Reactions

Richard (Dick) Brooks 8mo

Federal Agencies like NASA, GSA, DHS and the DOD are ambitiously implementing Supply Chain Risk Management (SCRM) programs to procure and use only trustworthy products within their cyber ecosystems, following OMB M-22-18 NIST Guidance and CISA Secure by Design best practice described in CISA's Software Acquisition Guide, https://cisa.gov/sag https://www.nasa.gov/secure-software-development-self-attestation-resources-and-knowledge/ The ability to ascertain trustworthiness has become mission critical as more parties rush to the cloud and SaaS for their cyber solutions, as Pat Opet emphasizes in his open letter at RSA; https://www.jpmorgan.com/technology/technology-blog/open-letter-to-our-suppliers "A functioning society is built on trust. Trust is both a glue and a lubricant, holding society together and allowing its many parts to move smoothly. If trust can’t be made suitable for the digital age, the digital age won’t function." World Economic Forum Davos 2021 Remember, risk always exists, but trust does not always exist. Never trust software, always verify and report! (TM)

Christopher Hetner 9mo

Sorry to have missed this event. Please be sure to learn more about the NACD Cyber Risk reporting platform selected for its 24,000 members. See below X-Analytics https://www.nacdonline.org/nacd-board-advisory-services/cyber-risk-reporting-services/

1 Reaction

Justin Greis 8mo

So great to see you, Katherine! It was a pleasure to collaborate and host such a fantastic event. Looking forward to the next one later this year. U.S. Secret Service, NACD (National Association of Corporate Directors), Mastercard. and NightDragon know how to put on a stellar event; it was an honor to be by your side. Thank you, Marcel Bucsescu, Peter Gleason, and Michael R. Centrella for your leadership!