
International News

The Korean Bar Association brings you international news.

Author: International Team | Views: 942 | Posted: 2023-08-04 5:21:00 PM
Title

[IBA Report] Best Governance Practices for Cybersecurity Protection for Senior Managers and Boards of Directors

Introduction:
This guide presents insights and actionable steps for senior managers and boards of directors to protect their organizations against cyber-attacks. The report, titled "Global perspectives on protecting against cyber risks: best governance practices for senior executives and boards of directors," is a first-of-its-kind global perspective on key governance practices. It draws from ten jurisdictions and offers comparative analysis with international case studies.

1. Understanding the Cyber Risk Profile:
- Companies must thoroughly understand their organization's cyber risk profile.
- Identify potential vulnerabilities and weaknesses that cyber attackers could exploit.
- Regularly assess and update the cyber risk profile to stay proactive in mitigating threats.

2. Cybersecurity Expertise:
- Ensure the board and management have sufficient cybersecurity expertise.
- Appoint or engage cybersecurity experts to advise on best practices and risk management.
- Stay updated with the latest trends and developments in cybersecurity.

3. Reporting Lines for Cyber Risks:
- Establish appropriate reporting lines so that cyber risks are promptly raised to leadership.
- Encourage open communication between IT teams, security personnel, and management.
- Ensure that the board is kept informed of cybersecurity incidents and response measures.

4. Adequate Investment in Cybersecurity:
- Allocate sufficient funds to meet cybersecurity goals and enhance cyber resilience.
- Understand that investing in cybersecurity is an essential aspect of protecting the organization.
- Regularly review and update the budget based on the evolving threat landscape.

5. Cyber Incident Response Plans:
- Review, understand, and test the organization's cyber incident response plans.
- Regularly conduct mock drills to assess the effectiveness of the response plans.
- Make necessary adjustments to improve the organization's ability to handle cyber incidents.

6. Role of Senior Management:
- Senior management plays a crucial role in day-to-day operations and cybersecurity governance.
- They must map cybersecurity risks, identify high-priority concerns, and make informed decisions.
- They are responsible for ensuring internal compliance and suggesting timely analysis/assessments and updates.

7. Bridging Knowledge Gaps:
- Set guidelines and standards beyond national legislation to bridge existing knowledge gaps.
- Acknowledge shared accountability between senior management and boards for cybersecurity.
- Promote cross-functional collaboration to enhance cybersecurity practices.

8. Top-Down Approach:
- Ensure the board has a thorough understanding of financial and legal risks related to cybersecurity.
- Emphasize a top-down approach to cybersecurity prioritization.
- Implement recently enacted legislation that holds boards accountable for cybersecurity oversight.

The new report expands upon the IBA Cybersecurity Guidelines (2018).

