Corporate boards of directors must take the initiative to ensure their membership includes those with technology and data security expertise, says Sunil Chandiramani, founder and CEO at NYKA Advisory Services, a Mumbai-based management consulting firm.
"Every board needs to ensure that they have a board member who has expertise on technology so they can play an active role in evaluating how the organization is investing in technology to gain a strategic advantage, including seeing how ... investments are being made in security technology," Chandiramani says in an interview with Information Security Media Group.
He says boards need to be prepared to take the "ARM" approach to security incidents: assessing the impact, restoring operations and managing communication with the stakeholders.
"When you have a crisis on hand, I don't think that is the time the board should get into the whole assessment of saying: 'Who is responsible for this? Who didn't do their job right? And exactly why did this happen?' ... During the time of crisis, the board needs to ensure that the maximum time of executive management is going to dealing with the issue rather than spending a lot of time trying to educate them and bring them up to speed on the details."
In this interview, (see audio link below image), Chandiramani also discusses:
How the board is driving compliance with India's IT regulations;
Key areas boards must address to manage IT security;
Whether IT security is getting enough attention from most boards.
Chandiramani is the CEO of NYKA Advisory Services. He works with high-growth entrepreneurs, advising them on designing and implementing initiatives in the areas of corporate strategy, technology transformation, operational effectiveness and governance. He is an independent director on the boards of several organizations, including Jammu & Kashmir Bank, Ganesh Grains Limited and Updater Service Pvt Ltd., and a strategic adviser to several other companies, including WestCoast Group, VigyanLabs Limited and Bayside Media Private Limited.