Trending Now

How to Improve Your Organization’s Digital Governance

The cyber risk landscape is quickly evolving and cyber breaches are becoming increasingly common. Organizations have been slow to catch up with the new threat landscape. The fastest growing threats today are coming from outside the network — digital and social media and third party vendors. Yet organizations are still organized to focus primarily on more traditional IT security risk management They are not updating their processes and policies or investing in tools and technologies to comprehensively address the latest and fastest growing threats. As the cyber risk landscape evolves, cyber risk management must evolve as well to truly ensure security, privacy and data protection. In addition, the public’s awareness of the importance of digital risk management and attention to how companies handle data and privacy is increasing. Digital risk management can affect consumer trust, customer loyalty and even shareholder value.

As we begin the new year, it’s time to comprehensively rethink how to approach digital risk management and your digital governance. Here are some tips to get started:

Educate senior leadership and the board on the evolving cyber risk landscape and the importance of including digital and social media risk management in cyber risk management.

Senior leadership and boards need to better understand the current digital risk landscape. According to the 2017 – 2018 National Association of Corporate Directors (NACD) Public Company Governance Survey, boards have a high level of discomfort with cyber-risk management. Only 12% of board members believe their boards possess a high level of cybersecurity knowledge and only 37% feel confident that their companies are properly secured against a cyberattack. This finding was reinforced by JEM’s 2018 State of Digital Risk Management study. One of our survey respondents commented, “You must have the C-suite on board. Ours got burned a couple of years ago and that was the fire we needed to get moving on it.”

Invest in tools and technologies to proactively identify and manage advanced attacks delivered via email, social media and mobile apps.

Audit your digital landscape. Make sure you have an up-to-date and comprehensive audit of all digital assets to avoid domain fraud and account sprawl. Tools and technologies can proactively scan the web to identify rogue and fraudulent accounts and activity to help you protect your accounts and alert you to potential hacks. Monitor social media. Make sure that everyone who is responsible for monitoring social media is aware of the plans and workflow in the case of an attack. Run scenario-based exercises. And, audit your technology vendors to ensure that they comply with your security and data privacy policies and standards and are GDPR-compliant.

Make digital and social media training for employees a priority.

Make sure to include instruction on how hacks like email phishing attacks happen, password best practices, etc. to best protect accounts. Be sure that your employee social media policy includes instructions about how to secure both branded and employee accounts. Make digital risk management training part of the new employee onboarding process.
Offer reverse mentoring for executives, pairing them with digital natives. and keep your training up-to-date to ensure that it’s keeping up with the ever-evolving threat landscape.

Adopt a comprehensive organizational approach to cyber risk management through the creation of a Digital Center of Excellence.

Ensure cross-functional leadership of digital risk management through the creation of a Digital Center of Excellence (DCOE), which acts as a trusted strategic partner to help teams understand and embed new digital and social media technologies and programs safely and effectively. The DCOE provides digital leadership, oversight, training, best-in-class advice, communicate best practices. DCOEs provide frameworks to think and act comprehensively and collaborate and communicate across departments and functions. They are responsible for strategy/oversight/coordination across the organization. DCOEs set standards and best practices and oversee digital governance. Develop employee communications, training and enablement programs to help employees, management and senior leadership better understand, identify and manage these new risks.

To sum it all up, organizations can improve their digital risk management by focusing on people, process and technology. Senior leadership and boards need to better understand the evolving cyber risk landscape and the importance of protecting their organizations from digital and social media risks in addition to more ‘traditional’ cyber threats. Organizations must make training and education for employees a priority and consider creating a Digital Center of Excellence or Digital Governance Center to provide a framework to think and act comprehensively and collaborate and communicate across departments and functions. And organizations must make investments in new tools and technologies to proactively identify and manage advanced attacks delivered via email, social media and mobile apps. Organizations need to adopt a more comprehensive approach to risk management to address new threats coming from digital, social media and mobile. This can be accomplished through more effective collaboration between the growing number of departments and functions responsible for risk management, including not only IT, but also the digital and social media teams, compliance, marketing and others.

The growing number of cybersecurity risks and the expansion of responsibility for managing these risks beyond the IT department make it imperative that organizations rethink their approach to IT security for the digital age. Companies need to understand and address these new risks, including third-party, public and consumerized infrastructure, and internal and external threats.

Wishing you a successful, safe a secure 2019!

Jen McClure

Jen McClure is founder and CEO of JEM, a Silicon Valley-based global management consultancy and publishing group. She oversees the company’s consulting and advisory services division, Consultants Collective and its media business, including Biznology. JEM serves clients in a wide range of industries, including aviation, financial services, healthcare, life sciences, pharmaceutical and technology. A recognized business leader, Jen was named a “Power Player” in management consulting by Business Insider in its first list of the most influential executives disrupting the industry and having a positive impact within their firms. Jen has worked with her team to grow JEM significantly since its founding in 2015, and in 2019 the company received certification as a Women-Owned Small Business in the Federal Contracting Program, and is recognized as a Women-Owned Small Business (WOSB) by the Department of Defense (DOD). Jen is considered to be one of the original authorities on digital and social media. She was named one of the “Women Who Rock Social” by Top Rank Marketing. She foresaw the significant impact that digital and social technologies would have on business, media, culture and society and founded the Society for New Communications Research (SNCR) in 2005 as a think tank to study this impact. She served as SNCR’s Board Chair for 10 years, and led the organization’s merger with The Conference Board in 2016. She now serves as a Distinguished Principal Fellow of The Conference Board, supporting the organization’s mission to provide trusted insights to help leaders navigate the biggest issues facing business. In addition to her expertise in digital and social media, Jen’s executive experience includes roles in corporate communications, marketing, public relations, media relations and investor relations. Prior to founding JEM, Jen was Vice President of Digital and Social Media at Thomson Reuters. She was Chief Marketing Officer of Redwood Collaborative Media, and held senior marketing and public relations roles at Ziff Davis, Ketchum Public Relations and New Electronic Media Science. Jen is a Governance Fellow of the National Association of Corporate Directors. She is a member of the Leadership and Technology Councils of the National Small Business Administration. She currently serves on the board of KQED, the nation’s second largest public media organization, and on the advisory boards of Miracle Messages, How Women Lead and How Women Give. Jen earned her master’s degree from Stanford University, her bachelor’s degree from Sarah Lawrence College and a graduate certificate in History, Politics and Sociology from the University of Oxford’s Exeter College.

Join the Discussion

Your email address will not be published. Required fields are marked *

Back to top Back to top