Biljana Cerin is the Director of Ostendo Consulting, a company specializing in information security and risk management, IT governance, personal data protection and compliance-related consulting services. Biljana has 20+ years’ professional experience in leading successful information security projects for clients in the financial, telecommunication, government, oil and gas, energy, biotechnology, higher education, and IT services sectors worldwide, such as Fortune 500 biotech Amgen, Stanford University Hospital and Clinics, MGM Resorts International, Merck and other leading world, regional and domestic companies.
“Cybersecurity is a Board-level Issue!”
“For years, we, as cybersecurity professionals, have struggled to bring to management’s attention the importance of proper and timely dealing with cybersecurity risks. We were dealing with obstacles such as understanding of business versus technology terminology, understanding the exact nature of the risks, explaining to the business what the consequences of having the cybersecurity risks materialize may be, and what appropriate actions the responsible business owners should take in order to mitigate these risks. We have established the understanding, with the help of compliance requirements and regulations, which practically required organizations to take the cybersecurity risks seriously. We have done a good job as a professional community; however, it is time to move forward, or one level up – cybersecurity, now more than ever, needs to be seen not only as a regular agenda point at management-level meetings, but also discussed as an important Board issue too. And the CISOs – Chief Information Security Officers – need to be prepared to step up once they are called to the Board meeting.
This presentation will give an overview of the contents that should be presented to the Board, ways to gather and structure the information on cybersecurity risk exposure, and methods of presenting it in the relatively short time given at Board meetings, in a way that is understandable to the Board members in order for them to make informed decisions in alignment with their responsibilities.”