by Byron Connolly

CSIRO and AICD to lift company boards’ cyber literacy

Apr 26, 2016
Business ContinuityComplianceData Center

CSIRO’s Data61 and the Australian Institute of Company Directors (AICD) will soon create a security education and training program to lift the digital and cyber literacy of company boards.

The organisations have signed a memorandum of understanding to build a program that facilitates a better understanding of cyber security by boards, appropriate risk management, and the required investment and opportunities for innovation that come with it.

The program will focus on corporate governance and its application to the way people interact with technology and each other in a quantifiable and repeatable manner, the organisations said.

Data61 CEO, Adrian Turner, said in a statement that Australia is facing a major challenge as a result of digital disruption and our changing economy.

“Directors globally have expressed concern at the rapid pace of digital change, increased cyber threats, technical jargon and associated risks as limiting their ability to appropriately fulfil their duties,” Turner said.

“It is the board’s responsibility to drive innovation and strategy, which will flourish with positive leadership, a coherent strategy and proactive information governance,” he said.

Turner said threats and vulnerabilities are not only related to cyber security, they also extend to the accuracy, integrity and availability of information that is vital to both real time human, and automated decisions that are the nation and its people.

“There is a need for leadership to better understand the cyber threats and opportunities in our connected world,” he said.

CSIRO and AICD expect that that program will give directors the opportunity to:

  1. Identify their implied and express obligations as directors or officeholders of an organisation
  2. Identify the value of information to the organisation in terms of business opportunity and risk
  3. Identify a target state of assurance to address business risk and opportunity
  4. Identify the current capability of the organisation to protect and leverage its information and determine an appropriate path to sustainability
  5. Develop a quantifiable program for continuous organisational improvement