HBR Press: A Leader's Guide to Cybersecurity

HBR Press: A Leader's Guide to Cybersecurity

Date(s) - 28/09/2020
5:00 pm

We would like to invite you to our upcoming event, where you will learn how to lead your company to more sound and effective cybersecurity strategies.

Jack J. Domet, cybersecurity expert and co-founder of Archefact Group, will present the key insights from his new book A Leader’s Guide to Cybersecurity that he co-authored with his colleague Thomas J. Parenty. Due to the travel ban, the authors will join us virtually while we meet in-person at our usual Copenhagen location.

At the event, the keynote will introduce an actionable framework that includes:
Understanding cyber risks and how best to control them
Planning and preparing for a crisis–and leading in its aftermath
Making cybersecurity a companywide initiative and responsibility  
Drawing attention to the nontechnical dynamics that influence the effectiveness of cybersecurity measures  
Aligning the board, executive leadership, and cybersecurity teams on priorities

The session will be hosted through Vimeo on https://tatarklubben.com/live/

Download a sample chapter from A Leader’s Guide to Cybersecurity here.

To learn more about the topic, we suggest you read the Harvard Business Review article Sizing Up Your Cyberrisks, where the authors suggest that companies should adopt the view that cybersecurity should focus more on threats’ potential impact on a business’s activities.

If you are on the run, you might prefer the podcast Why Cybersecurity Isn’t Only a Tech Problem. Thomas J. Parenty also stresses the importance of cybersecurity in this short video.


Why Boards Need to Leadand How to Do It

Thomas Parenty and Jack Domet

As companies, governments, and organizations have become ever more dependent on digital systems for all aspects of business and operations, they have spent billions of dollars on cybersecurity. However, the financial consequences of cyber breaches have increased, seemingly in lockstep, with this increase in investment. For cybersecurity expert Thomas Parenty and management expert Jack Domet, co-founders of Archefact Group, the reason for this confounding situation is that the central focus of cybersecurity has been on technology—the vulnerabilities of computers and infrastructure—and not on the business risks to a company’s operations and strategic direction. No company has the resources to fix every cybersecurity problem and not all fixes are equally important so, they wrote A LEADER’S GUIDE TO CYBERSECURITY to show executives a more effective way to combat these issues.

Parenty and Domet argue that cybersecurity is fundamentally a governance problem and that a board of directors should provide the essential oversight with executives setting the management direction. This view is based on their thirty-five years of experience in the cybersecurity field across over forty countries, during which they have performed, managed, audited, or reported to boards on virtually every enterprise cybersecurity activity. In their book, they share four principles to help guide leaders:

If you don’t understand it, they didn’t explain it. Cybersecurity management and staff within a company are responsible for providing materials and briefings that non-specialists can understand.

It is the business at risk. All discussions and actions relating to cybersecurity and cyber risks start and end with the business and the risks to its operations and strategic direction, not with computers and their vulnerabilities.

Make cybersecurity mainstream. In both corporate organization and activities, take cybersecurity from siloed functions and incorporate it into mainstream operations.

Engage motivation. Understand and align the interests and motivations of staff and departments to incentivize behavior that leads to accomplishing cybersecurity goals.

In order to identify and mitigate the right threats, Parenty and Domet outline the responsibilities that form the foundation for cybersecurity oversight:

Manage Cyber Risks – Effectively managing cyber risks requires a clear understanding of the relationships among the most significant business risks a company faces, the types of cyberattacks that could cause these risks, and the mitigating controls to prevent or minimize their impact. Ensuring the effectiveness of the controls includes recognizing and accounting for the nontechnical dynamics that can negate even the most powerful technologies.

Fortify the Company – Companies can substantially improve the overall effectiveness of their cybersecurity activities by utilizing the tools of organizational structure, processes, and culture, while accounting for employee motivations and incentives.

Lead in Crisis – While preventative and defensive strategies are essential, a company also needs the capacity to recognize and respond to cyberattacks. Therefore, the executive team must prepare to lead the company during a cyber crisis. This includes how to treat the situations it will face and what decisions it will make during a crisis.

The authors conclude the book by including various detailed questions that executives can ask to better understand current cybersecurity defenses and risk management activities. Parenty and Domet both have decades of experience in addressing cyber risks across a diverse range of industries and government agencies, including financial services, retail, manufacturing, electric power, mining and nuclear command and control. As a result, A LEADER’S GUIDE TO CYBERSECURITY is an eye-opening look at what it takes to successfully manage cybersecurity risk in an organization.

About the Authors

Thomas J. Parenty is an international cybersecurity and privacy expert who, over the course of more than 35 years, has worked at the National Security Agency, testified multiple times before the U.S. Congress and advised government agencies and corporations across the globe. He is a cofounder of cybersecurity firm Archefact Group and author of Digital Defense.

Jack J. Domet is a management expert with more than 25 years experience in helping multinational corporations adapt to shifts in technology, globalization, and consumerism through organizational change. He is a cofounder of cybersecurity firm Archefact Group, where he focuses on building leadership and organizational capabilities in digital stewardship.

A LEADER’S GUIDE TO CYBERSECURITY: Why Boards Need to Lead–and How to Do It by Thomas Parenty and Jack Domet. Harvard Business Review Press, £25.00, Hardcover, December 3, 2019. ISBN: 9781633697997