Cybersecurity: Making it a boardroom priority | The Business Standard
Skip to main content
  • Epaper
  • Economy
    • Aviation
    • Banking
    • Bazaar
    • Budget
    • Industry
    • NBR
    • RMG
    • Corporates
  • Stocks
  • Analysis
  • Videos
    • TBS Today
    • TBS Stories
    • TBS World
    • News of the day
    • TBS Programs
    • Podcast
    • Editor's Pick
  • World+Biz
  • Features
    • Panorama
    • The Big Picture
    • Pursuit
    • Habitat
    • Thoughts
    • Splash
    • Mode
    • Tech
    • Explorer
    • Brands
    • In Focus
    • Book Review
    • Earth
    • Food
    • Luxury
    • Wheels
  • Subscribe
    • Epaper
    • GOVT. Ad
  • More
    • Sports
    • TBS Graduates
    • Bangladesh
    • Supplement
    • Infograph
    • Archive
    • Gallery
    • Long Read
    • Interviews
    • Offbeat
    • Magazine
    • Climate Change
    • Health
    • Cartoons
  • বাংলা
The Business Standard

Wednesday
May 14, 2025

Sign In
Subscribe
  • Epaper
  • Economy
    • Aviation
    • Banking
    • Bazaar
    • Budget
    • Industry
    • NBR
    • RMG
    • Corporates
  • Stocks
  • Analysis
  • Videos
    • TBS Today
    • TBS Stories
    • TBS World
    • News of the day
    • TBS Programs
    • Podcast
    • Editor's Pick
  • World+Biz
  • Features
    • Panorama
    • The Big Picture
    • Pursuit
    • Habitat
    • Thoughts
    • Splash
    • Mode
    • Tech
    • Explorer
    • Brands
    • In Focus
    • Book Review
    • Earth
    • Food
    • Luxury
    • Wheels
  • Subscribe
    • Epaper
    • GOVT. Ad
  • More
    • Sports
    • TBS Graduates
    • Bangladesh
    • Supplement
    • Infograph
    • Archive
    • Gallery
    • Long Read
    • Interviews
    • Offbeat
    • Magazine
    • Climate Change
    • Health
    • Cartoons
  • বাংলা
WEDNESDAY, MAY 14, 2025
Cybersecurity: Making it a boardroom priority

Thoughts

B M Zahid ul Haque
25 April, 2025, 09:15 pm
Last modified: 25 April, 2025, 09:19 pm

Related News

  • Why are Bangladeshi banks so susceptible to cybersecurity breaches?
  • As China hacking threat builds, Biden to order tougher cybersecurity standards
  • US official fighting Chinese telecom intrusions urges more encryption
  • Cybersecurity in the age of AI: Preparing for 2025 and beyond
  • In DSA's 5 years, 40% cases filed for 'slanders' against Hasina regime

Cybersecurity: Making it a boardroom priority

As cyber threats grow more sophisticated, executive leadership must take an active role in protecting digital assets, customer trust, and business continuity

B M Zahid ul Haque
25 April, 2025, 09:15 pm
Last modified: 25 April, 2025, 09:19 pm
Cybersecurity governance is an ongoing, dynamic process that demands the active involvement of board members and executives. Photo: Reuters
Cybersecurity governance is an ongoing, dynamic process that demands the active involvement of board members and executives. Photo: Reuters

In today's digital-first world, cybersecurity has become a critical responsibility for every organisation, whether it's a government agency, a small business, or a large corporation. Once considered the responsibility of IT departments alone, cybersecurity now demands active involvement from executives and board members. 

As cyber threats grow more sophisticated, leadership needs to take a hands-on role in shaping and overseeing cybersecurity strategies. Strong cybersecurity governance not only protects an organisation's digital assets but also preserves its reputation, customer trust, and legal compliance.

The first step for board members and executives is understanding the broader cybersecurity landscape. Cyberattacks are evolving rapidly, and new threats such as ransomware, phishing, and vulnerabilities within supply chains are becoming increasingly common. 

The Business Standard Google News Keep updated, follow The Business Standard's Google news channel

"Cybersecurity is not a cost centre; it is an enabler of trust and a key pillar of a digital business strategy."

Satya Nadella, CEO of Microsoft

Staying informed about these risks is crucial. Engaging with cybersecurity experts enables leadership to make informed decisions while navigating this complex and fast-changing environment. 

Additionally, it's essential to understand the legal and regulatory framework, including data protection laws like GDPR/ CCPA, and local regulations. Non-compliance can lead to significant financial penalties and reputational damage. For example, in 2020, British Airways was fined £20 million by the UK's Information Commissioner's Office for a data breach that affected over 400,000 customers, underscoring the financial and reputational risks of failing to prioritise cybersecurity.

Cybersecurity should no longer be viewed as an isolated technical issue but as a crucial part of the overall business strategy. As former US Secretary of Defence, Robert Gates, aptly put it, "If you think security is expensive, try a breach." Cybersecurity is not just about protecting data—it's about safeguarding financial stability, brand value, and customer relationships. 

Therefore, board members and executives must ensure that cybersecurity initiatives align with the organisation's broader goals and risk management framework. Integrating cybersecurity into the company's core risk management strategy allows leadership to make well-informed decisions that drive growth while minimising exposure to cyber threats.

Creating a strong cybersecurity posture requires fostering a culture of security across the entire organisation, starting from the top. Executives and board members must lead by example, prioritising cybersecurity and clearly communicating this commitment throughout the organisation. 

Employees must understand that cybersecurity is everyone's responsibility and that their actions play a vital role in protecting the organisation. Regular training programs, especially on common threats like phishing and social engineering, help employees identify risks and respond quickly and effectively when faced with cyber threats.

Clear roles and responsibilities are essential in cybersecurity governance. Appointing a Chief Information Security Officer (CISO) or an equivalent position is critical to ensuring focused attention on cybersecurity. 

The CISO should report directly to the board or CEO to ensure that cybersecurity issues receive the attention they deserve. Board members should actively participate in approving cybersecurity policies, budgets, and major initiatives to ensure clear accountability and oversight. 

A good example of this is JPMorgan Chase, where the CISO worked closely with the board to create one of the most robust cybersecurity frameworks in the financial industry, strengthening the bank's resilience against cyberattacks.

To support a strong cybersecurity foundation, organisations should adopt established cybersecurity frameworks like ISO 27001, the NIST Cybersecurity Framework, or the CIS Controls. These frameworks provide guidelines for assessing and mitigating cybersecurity risks. 

Coupled with comprehensive policies covering encryption, access control, incident response, and vendor management, these frameworks help build a strong cybersecurity infrastructure. Regularly reviewing and updating these policies ensures they remain effective against emerging threats. Cybersecurity is an ongoing effort, requiring continuous evaluation and improvement.

Measuring the effectiveness of cybersecurity efforts is another critical component. Board members should ensure that key performance indicators (KPIs) are in place to track the success of cybersecurity initiatives. 

These may include metrics such as incident response times, patching rates, and employee training completion. These indicators provide insights into how well the organisation is managing its cybersecurity risks and guide decision-making. Having these metrics in place also enables leaders to take corrective actions quickly if any gaps are identified.

Despite all precautions, no organisation is entirely immune to cyberattacks. That's why an effective incident response plan is essential. This plan should define clear protocols for detecting, responding to, and recovering from cyberattacks, involving collaboration between legal, communications, and IT teams. Regular simulations and tabletop exercises ensure that everyone knows their role and can respond swiftly in case of an actual cyberattack.

Ongoing investment in cybersecurity is crucial for staying ahead of emerging threats. Board members must allocate adequate resources, both financial and human, to support ongoing cybersecurity initiatives. This includes investing in the latest technologies, hiring skilled cybersecurity professionals, and providing continuous training. 

As Satya Nadella, CEO of Microsoft, put it, "Cybersecurity is not a cost centre; it is an enabler of trust and a key pillar of a digital business strategy." Cybersecurity is not just about risk avoidance—it's a fundamental enabler of business growth and digital transformation.

Engaging with external experts for third-party assessments and audits can further strengthen cybersecurity governance. These independent evaluations help uncover vulnerabilities that internal teams may overlook. 

Collaborating with industry peers and participating in information-sharing networks also enhances the organisation's ability to stay informed about the latest threats and trends.

Finally, compliance with data protection laws is essential. Regular audits of data protection policies help minimise legal risks and maintain customer trust. In the unfortunate event of a data breach, having a breach response protocol in place ensures the organisation can act swiftly to minimise damage and preserve its reputation. 

As cybersecurity expert Alissa Knight aptly stated, "Data privacy and security are the foundation of trust, and trust is essential for thriving in today's digital economy."

Cybersecurity governance is an ongoing, dynamic process that demands the active involvement of board members and executives. By understanding the cybersecurity landscape, aligning security initiatives with business strategy, fostering a culture of security, and establishing clear roles and frameworks, leadership can protect their organisations from the ever-growing threat of cyberattacks. 

Ultimately, strong cybersecurity governance not only safeguards digital assets but also ensures the long-term success of an organisation in an increasingly interconnected world.


B M Zahid ul Haque is an Experienced CISO and Cyber Digital Transformation Strategist. The author can be reached at bmzahidul.haque@gmail.com.

Disclaimer: The views and opinions expressed in this article are those of the author and do not necessarily reflect the opinions and views of The Business Standard.

Cybersecurity

Comments

While most comments will be posted if they are on-topic and not abusive, moderation decisions are subjective. Published comments are readers’ own views and The Business Standard does not endorse any of the readers’ comments.

Top Stories

  • Bangladesh secures staff-level agreement with IMF for $1.3b disbursement amid reform commitments
    Bangladesh secures staff-level agreement with IMF for $1.3b disbursement amid reform commitments
  • Naser Ezaz Bijoy. Sketch: TBS
    Now is an opportune moment to trial market-based exchange rate: StanChart CEO Bijoy
  • JnU protesters at Kakrail intersection on 14 May night. Photo: Sakhawat Prince/TBS
    Hundreds more, including VC, treasurer, students, join JnU protesters at Kakrail intersection

MOST VIEWED

  • Representational image. File Photo: UNB
    Army updates contact numbers for people seeking help across Dhaka, surrounding districts
  • Logo of bkash. Photo: Collected
    bKash posts Tk132cr profit in three months
  • IMF agrees to release $1.3b in June for Bangladesh as disagreement over exchange rate flexibility resolved
    IMF agrees to release $1.3b in June for Bangladesh as disagreement over exchange rate flexibility resolved
  • Collage shows [from left] shows the woman rushing to her house with the cat after, getting into the lift and the cat that was beaten. Collage: TBS
    Animal abuse outrages citizens: Grameenphone condemns incident allegedly involving employee
  • Photo: Screenshot
    Businessman shot in Gulshan after reportedly refusing to pay extortion
  • Walton expands footprint in Sri Lanka
    Walton expands footprint in Sri Lanka

Related News

  • Why are Bangladeshi banks so susceptible to cybersecurity breaches?
  • As China hacking threat builds, Biden to order tougher cybersecurity standards
  • US official fighting Chinese telecom intrusions urges more encryption
  • Cybersecurity in the age of AI: Preparing for 2025 and beyond
  • In DSA's 5 years, 40% cases filed for 'slanders' against Hasina regime

Features

An old-fashioned telescope, also from an old ship, is displayed at a store at Chattogram’s Madam Bibir Hat area. PHOTO: TBS

NO SCRAP LEFT BEHIND: How Bhatiari’s ship graveyard still furnishes homes across Bangladesh

1h | Panorama
Sketch: TBS

‘National University is now focusing on technical and language education’

23h | Pursuit
Illustration: TBS

How to crack the code to get into multinational companies

1d | Pursuit
More than 100 trucks of pineapples are sold from Madhupur every day, each carrying 3,000 to 10,000 pineapples. Photo: TBS

The bitter aftertaste of Madhupur's sweet pineapples

1d | Panorama

More Videos from TBS

Record Gold Prices: Will You Invest or Risk Falling into Trouble?

Record Gold Prices: Will You Invest or Risk Falling into Trouble?

23m | Others
News of The Day, 14 MAY 2025

News of The Day, 14 MAY 2025

1h | TBS News of the day
What did the governor say about IMF loan installments, dollar rate, and inflation?

What did the governor say about IMF loan installments, dollar rate, and inflation?

2h | TBS Today
BB resolves exchange rate dispute with IMF, expects next tranche in June

BB resolves exchange rate dispute with IMF, expects next tranche in June

4h | TBS Insight
EMAIL US
contact@tbsnews.net
FOLLOW US
WHATSAPP
+880 1847416158
The Business Standard
  • About Us
  • Contact us
  • Sitemap
  • Advertisement
  • Privacy Policy
  • Comment Policy
Copyright © 2025
The Business Standard All rights reserved
Technical Partner: RSI Lab

Contact Us

The Business Standard

Main Office -4/A, Eskaton Garden, Dhaka- 1000

Phone: +8801847 416158 - 59

Send Opinion articles to - oped.tbs@gmail.com

For advertisement- sales@tbsnews.net