Security Questions Your Company’s Board Members Will Ask
With the increased number of cyber attacks, companies are becoming more aware and focusing on their security programs. The board members of the company are having discussions with risk and security management leaders. It is highly unlikely that they will ask simple questions about cyber security rather they will be more specific in their probing.
Thank you for showing your interest in cyber-insurance. Our relationship manager will call you to discuss the details and share the best quotes from various insurers. In case you have any query or comments, please contact us at corporateinsurance@policybazaar.com
Here are some of those questions that board members would ask.
Question-Related to Incident
Questions: What went wrong? How did this happen? I thought you had this under your control, etc.
The board members ask these questions when they get to know about the cyber breach or while the chief information security officer is telling them about the incident. It seems relevant when board members ask these kind of questions specifically about securing the online data of the organization since a large portion of employees is working remotely.
Now, you can tell them about the severity of the incident and state the facts. Tell them what you know and what will you do to resolve the issue. Acknowledge the incident and tell them about the impact it would cause on the business and what are your plans.
However, the security leader will be responsible for the oversight of the risk and security but make sure to define the accountability at the board/executive level.
Question-Related to Trade-off
Question: Are you sure that we are 100% secure?
This kind of question usually come up from the board members who do not understand the security and its impact on the business. Since it is impossible to be totally protected, it will be your responsibility to identify the risk and tell them about the resources that will be used to manage the issue based on business appetite.
You can respond to these questions like “Considering the nature of the threat, it is not possible to get rid of all the sources of risk. I will implement controls to manage the issue. As the business grows, we will have to repeat the reevaluation to understand how much risk would be fine.”
Landscape Question
Questions: How bad it is? How are we performing compared to others?
The company’s board members go through articles, threat reports, blogs and regulatory pressure to learn about the risks. That is why they always ask about how other companies are doing compared to their company.
You can answer like “ I would not hypothesize on the what other company is doing without getting enough information but I’ll let you know as soon as I get enough information.” You can discuss the broader security responses such as recognizing similar weak spots and how are you doing compared to them.
Risk Related Question
Question: Are we aware of the risks that we can take?
The board members know that accepting risk is a choice and if they don’t then it is your responsibility to let them know about it. They would want to know the expected risks of the company are being controlled and you should tell them the tolerance of the company.
Tell the board members about the impact on business due to risk management decisions and make sure to have proper evidence to back it up. The next part would be crucial as the board members take their decisions after knowing the risk tolerance. Since any risk beyond tolerance needs treatment to bring it within the safe zone. Having said that, this does not require any changes in a short period so beware of overreacting.
Question-Related to Performance
Question: Question-related to expenditure. Whether the company is spending enough on resources or if the company is spending too much.
The board members ask these questions because they want to know if the Security & Risk Management Leaders are working properly and they want reassurance about the Return of investment and Metrics.
You can take the approach and use a balanced scorecard that is based on a traffic-light mechanism. Make sure to tell them about the performance of the organization against business aspirations. Also, explain the aspiration according to the business performance and not technology.
Use of Cyber Insurance
Everything is done online now a days and with the increase in the usage of the internet, the number of cyber threats have also increased. Since every company whether a startup or an established one, all of them are prone to cyber threats. This is why it is vital for organizations to protect their online data with cyber insurance policies because cyber threats are inevitable.
Conclusion
These were some of the security questions that board members ask and you can respond to them accordingly. Even though organizations use the best anti-malware available in the market but the hackers are also getting better and better every day.
Disclaimer: Above mentioned insurers are arranged in alphabetical order. Policybazaar.com does not endorse, rate, or recommend any particular insurer or insurance product offered by an insurer.
Global Cyber Threats: India Emerges as a Key Target in 2024
According to a report by cyber intelligence firm CloudSEK, India ranked as one of the top nations globally affected by cyberattacks in 2024,with 95...Read more
Payment Gateway Company Reports Massive ₹16,180 Crore Cyber Theft
In a startling revelation, the Thane Police have exposed a massive cyber heist, with cybercriminals pilfering an astonishing ₹16,180 crore. This...Read more
Cybercriminals Target Former Union Minister Dayanidhi Maran's Savings...
In a concerning development, cybercriminals managed to siphon off ₹99,999,from the personal savings account of Dayanidhi Maran, the former Union...Read more
Mumbai Police Nab Four Cyber Fraudsters in Extensive 22-Day Operation
In a 22-day operation spanning four states, including Uttar Pradesh, Rajasthan, Delhi and Madhya Pradesha Mumbai Police task force comprising seven...Read more
India Grapples with Mounting Cybersecurity Risks, According to Palo...
India is confronting a significant threat of cyberattacks aimed at its critical infrastructure, public sector, and essential services, as per a report...Read more
Pune-Based Engineering Supplies Firm Loses Over 22 Lakh in Cyber Scam
Pune City police uncovered a suspected 'man-in-the-middle' cyber attack that cost a Pune-based engineering supplies firm more than 24,000 Euros...Read more
AIIMS Delhi Hit by Cyber Attack for Second Time in a Year
All India Institute of Medical Sciences (AIIMS) in New Delhi faced a new cyberattack on Monday The premier medical institution promptly responded...Read more
Mumbai Woman Falls Victim to Cyber Fraudsters While Helping an...
A Mumbai woman's act of kindness towards an injured bird took an unexpected turn when she became a target of cyber fraudDhwani Mehta works at Famous Studios...Read more
Scammers Exploit 'Man-in-the-Middle' Technique, Pune Construction...
Prominent Construction Technology Company falls victim to cyber attack, losing Rs 13.8 Lakh in Pune, India.The investigators described it as a...Read more
Reddit Hacked in a Targeted Phishing Attack
Finance minister Nirmala Sitharaman presented the Union Budget FY 2023 on February 1, 2023. Christopher Slowe, CTO of Reddit, revealed the company was able...Read more
FM Nirmala Sitharaman announces Set up of 3 Artificial Intelligence...
Finance minister Nirmala Sitharaman presented the Union Budget FY 2023 on February 1, 2023. The Finance Minister announced the establishment of 3...Read more
Cyber Fraudster Target Customer under Disguise of Insurance Officer
Cyber fraudsters are targeting customers under the disguise of not a bank official but an insurance company official In one such event, a 67 year old...Read more
Sensitive Data of 6 Lakh Indians Stolen by Hackers and Sold at Rs...
Out of 5 million people globally, 6 lakhs Indians have had their sensitive data stolen and sold on the bot market making India, the worst affected...Read more
AIIMS Cyber Breach: Attackers Demand Rs 200 Crore in Crypto
All India Institute of Medical Sciences, New Delhi, India reported a cyberattack on November 23, 2022. Later, the statement released by AIIMS said that...Read more
Cyber Criminals Sending Phishing Links to Twitter Users
Cyber criminals are targeting twitter Verified Twitter user by sending them phishing links. The cyber criminals send the phishing link to steal their...Read more
Social engineering implies different kinds of cyber attacks that...Read more
25 Mar 2025 by Policybazaar1257 Views
Disclaimers+
+Disclaimer: The starting premium is ₹2 per day for a ₹5 lakh Sum Insured under an individual plan. The actual premium may vary based on the chosen plan type and selected add-ons. Standard terms and conditions apply. Please refer to the sales brochure for detailed information on risk factors, terms, and conditions before making a purchase. ++Disclaimer: The premium of Rs 112100/year is the starting price for sum insured of Rs 1 Crore that may vary depending on the business activity and services rendered, company turnover, and its geographical split, industries/customers to whom the product/service is being provided, website and domain network features, business continuity plan, and data protection measures. STANDARD TERMS AND CONDITIONS APPLY. For more details on risk factors, terms and conditions, please read the sales brochure carefully before concluding a sale.
By clicking on "View Plans" you agree to our Privacy Policy and Terms Of Use and also provide us a formal mandate to represent you to the insurer and communicate to you the grant of a cover. The details of insurance coverage, inclusions and exclusions are subject to change as per solutions offered by insurance providers. The content has been curated based on the general practices in the industry. Policybazaar is not responsible for the factual correctness of these details.
Your call has been scheduled successfully.
Expert advice made easy
Date
Time
When do you want a call back?
Today
Tomorrow
25 Jan
26 Jan
27 Jan
28 Jan
29 Jan
What will be the suitable time?
11:00am - 12:00pm
12:00pm - 01:00pm
01:00pm - 02:00pm
02:00pm - 03:00pm
03:00pm - 04:00pm
04:00pm - 05:00pm
05:00pm - 06:00pm
Tell us the number you want us to call on
Your privacy matters. We wont spam you
Call scheduled successfully!
Our experts will reach out to you on Today between
2:00 PM - 3:00 PM
We don't spam
Expert advice made easy
