The Georgia Tech Information Security Center reports that corporate boards are improving how they manage their cyber risk in response to new regulatory agency guidance.
Businesses looking to avoid noncompliance are rushing to learn evolving regulatory expectations on cyber best practices and how boards should be engaged in cybersecurity, said Kim Peretti, partner and co-chair of Alston & Bird’s Cybersecurity Preparedness & Response Team.
But while boards are taking important steps to oversee their companies’ cybersecurity preparedness, their progress still leaves room for improvement, Peretti cautioned.
“It’s all about the culture of security,” said Peretti. “It has to start from the top. They have to show that interest.”