A big challenge facing any team trying to deal with OT and ICS cyber risk is getting executive leadership and the Board of Directors support and leadership on this issue. The problems that arise tend to be related to communication styles, understanding of what is truly important to the company, and reducing business risk as determined by the executives and Board.

I talk with Thomas Parenty of the Archefact Group about the Board of Directors' responsibility in business risk management.