Improving the management of cyber risks in organisations is crucial for better cyber security. However, for some time the National Cyber Security Centre (NCSC) has been aware of a ‘skills gap’ in how cyber security risk is overseen at the board level. To explore this more fully, NCSC commissioned Social Machines to obtain a better understanding of this perceived ‘lack of board engagement with cyber security and cyber-related decision-making’.
The research included interviews with board members, CISOs and other cyber security leaders in medium to large organisations. You can read NCSC’s summary here and access the corresponding guidance here.