[AISWorld] What Does Good Cyber Governance Look Like? A Legal Perspective

Dave Chatterjee dchatte at gmail.com
Wed Sep 15 06:42:26 EDT 2021


Dear Colleagues:

From the standpoint of cybersecurity governance, how does an organization
stay on the right side of the law? *Rois Ni Thuama, Ph.D. (Doctor of Law),
Head of Cyber Governance, Red Sift,* spoke with great clarity and eloquence
in explaining what it means to practice good and sensible cyber governance.
She emphasized the importance of looking to expert sources and established
security frameworks for guidance, addressing foreseeable and avoidable
threats, and making cybersecurity investments that would be deemed (by the
courts) proportionate and affordable. Highlighting the importance of strong
governance, Rois said, “it is never the widget that’s the problem, it is
always weak leadership, weak governance, lack of accountability, lack of
responsibility, these are the big issues that need to be addressed.” She
also encouraged a regular legal review of cybersecurity practices, based on
the assumption that “you have to defend your decision-making in a court of
law.”

A short clip from the Episode: https://youtu.be/gaHlrK7ZDSg

Full Episode:
https://the-cybersecurity-readi.captivate.fm/episode/what-does-good-cyber-governance-look-like-a-legal-perspective

*Links to Prior Episodes*

#1 -- Role of Top Management in Cybersecurity Governance:
https://the-cybersecurity-readi.captivate.fm/episode/role-of-top-management-in-cybersecurity-governance/

#2 -- Protecting Academic Institutions from Ransomware and Other Forms of
Attacks:
https://the-cybersecurity-readi.captivate.fm/episode/protecting-academic-institutions-from-ransomware-and-other-forms-of-cyber-attacks/

#3 -- Going Above and Beyond the Mandated Checklist:
https://the-cybersecurity-readi.captivate.fm/episode/going-above-and-beyond-the-mandated-checklist/

#4 -- The Human Vulnerability Factor:
https://the-cybersecurity-readi.captivate.fm/episode/the-human-vulnerability-factor/

#5 -- Being An Effective Chief Information Security Officer (CISO) --
https://the-cybersecurity-readi.captivate.fm/episode/being-an-effective-chief-information-security-officer-ciso/

#6 -- Holistic Approach to Cybersecurity Readiness --
https://the-cybersecurity-readi.captivate.fm/episode/holistic-approach-to-cybersecurity-readiness/

#7 -- Multidisciplinary and Integrative Approach to Cybersecurity Education
-- 
https://the-cybersecurity-readi.captivate.fm/episode/multidisciplinary-and-integrative-approach-to-cybersecurity-education
Thanks

Dave Chatterjee (https://dchatte.com)

------------------------------------------------------------
--------------------------------------------------------------
Associate Professor, MIS Dept., Terry College of Business, The University
of Georgia
Visiting Professor, Master of Engineering in Cybersecurity Program, Pratt
School of Engineering, Duke University


