Sign up to save your podcasts
Or
Share Risk Owners
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Risk Owners
Send us a text
There are many stakeholders in cybersecurity, and it makes sense to outline roles and responsibilities in terms of how each role impacts cyber resiliency.
- The board of directors
- February 21, 2018, SEC guidance requires board oversight in terms of cyber (https://www.sec.gov/rules/interp/2018/33-10459.pdf).
- Chief Information Security Officer (CISO)
- There are two types of CISOs; a governance CISO and an Operational CISO.
- Data Privacy Officer (DPO)
- General Data Protection Regulation (GDPR) requires that organizations process privacy data to have a DPO.
- Compliance Manager or Officer
- This is an individual with the responsibility to ensure the company complies with its outside regulatory obligations and internal policies.
- Auditors
- Auditors are responsible for developing, planning, and executing IT audit programs based on risk assessments.
- Legal team
- The legal team will be involved in cyber when a breach occurs and most likely will review all external communications before they are released to the media or regulatory authorities.
========
- Blog: https://www.execcybered.com/blog
- Training: https://www.execcybered.com/iso27001foundationcourse
- Linkedin: https://www.linkedin.com/company/exceccybered/
- Twitter: https://twitter.com/DrBillSouza
- Instagram: https://www.instagram.com/drbillsouza/
Thanks.
Dr. Bill Souza
CEO | Founder
www.execcybered.com
View all episodes
By Dr. Bill Souza
5
11 ratings
Send us a text
There are many stakeholders in cybersecurity, and it makes sense to outline roles and responsibilities in terms of how each role impacts cyber resiliency.
- The board of directors
- February 21, 2018, SEC guidance requires board oversight in terms of cyber (https://www.sec.gov/rules/interp/2018/33-10459.pdf).
- Chief Information Security Officer (CISO)
- There are two types of CISOs; a governance CISO and an Operational CISO.
- Data Privacy Officer (DPO)
- General Data Protection Regulation (GDPR) requires that organizations process privacy data to have a DPO.
- Compliance Manager or Officer
- This is an individual with the responsibility to ensure the company complies with its outside regulatory obligations and internal policies.
- Auditors
- Auditors are responsible for developing, planning, and executing IT audit programs based on risk assessments.
- Legal team
- The legal team will be involved in cyber when a breach occurs and most likely will review all external communications before they are released to the media or regulatory authorities.
========
- Blog: https://www.execcybered.com/blog
- Training: https://www.execcybered.com/iso27001foundationcourse
- Linkedin: https://www.linkedin.com/company/exceccybered/
- Twitter: https://twitter.com/DrBillSouza
- Instagram: https://www.instagram.com/drbillsouza/
Thanks.
Dr. Bill Souza
CEO | Founder
www.execcybered.com