CLTC Executive Director Ann Cleaveland made a guest appearance on the Security and Compliance Weekly podcast, which is produced by Security Weekly, a podcast network for the security community. Live-streamed on May 19, the discussion focused largely on Resilient Governance for Boards of Directors, a report that CLTC released earlier this year in partnership with Booz Allen Hamilton examining how boards of directors should approach cybersecurity governance in their organizations.
Described as the “show that bridges the requirements of regulations compliance and privacy with those of security,” Security and Compliance Weekly is hosted by a team of cybersecurity professionals, including Jeff Man, Senior Information Security Consultant with Online Business Systems; Matt Alderman, CEO of Security Weekly; Scott Lyons, CEO and Co-founder of Red Lion; and Josh Marpet, COO and Co-founder of Red Lion.
To honor Cleaveland’s appearance on the show, Jeff Man dressed in hippie attire for the occasion. “Since we’re talking to someone from Berkeley, and I’m a child of the 60s, I thought I’d dress appropriately,” Man said.
The group discussed CLTC’s future-oriented approach to cybersecurity — including the Cybersecurity Futures 2025 scenarios — before pivoting to a conversation about the Resilient Governance report, which explored how boards of directors can play a more strategic role in governance and oversight of cybersecurity risk.
“We were trying to think about, what is the culture and the process that boards need to have in order to work effectively with a CISO?” Cleaveland explained. “We were interested in finding out, what is the state of the art on board governance of cybersecurity and where is that going?”
The hosts agreed with the report’s findings that cybersecurity is an ongoing process, and that communication is essential for organizations to build and maintain strong security. “Cybersecurity is not just a technical challenge, but a human and organizational and cultural challenge as well,” Cleaveland said. “Board governance is an increasingly important determinant of how well we as a society do at improving cybersecurity outcomes. If you can pull the lever of improving board governance at thousands and thousands of companies, you’ve really made an impact on the long-term health of the digital ecosystem.”
Watch Part I of the podcast above or on YouTube.
Part II is available on YouTube.