Boards Should Think Of Cyber A Bit More Like Bank Robberies, Former AT&T Security Chief Says:

The Wall Street Journal | By: Steven Norton | GPE – November 20, 2017:

Corporate boards should think about cybersecurity risk as banks think about bank robbery: a relatively common risk that must be managed. “Just like bank robbery, you can’t say get rid of (cyber risk) and make it never happen,” said Ed Amoroso, former chief security officer at AT&T Inc., during a talk at the NYU Tandon School of Engineering on Thursday.

Originally published November 17, 2017: While bank boards know there are a number of bank heists (there were more than 4,000 incidents at federally insured financial institutions in 2016, according to the FBI), they don’t expect to eliminate them completely. Corporate boards should begin to think about cyber risk in similar terms, said Mr. Amoroso, now CEO of TAG Cyber LLC.

“(Cyber risk is) never going to go away, and people are going to have to keep worrying about it,” he said. “Just like bank robbery, you can’t say get rid of it and make it never happen.

To achieve that goal, directors should spend more time educating themselves (with regard to) cybersecurity and technology fundamentals, Mr. Amoroso said. Just as it would be unacceptable for someone to join a board without any finance or business experience, the same should go for technology and cybersecurity.

To read full article – please click here.