Diogenes

As we develop our resource to help boards meet their Cyber and AI NIST governance responsibilities, our premise is based on integrity. It offers full transparency and audit ready reports. John Caulfield Todd Oakes John Whitworth MBA, CGMA, ACMA, FCT https://lnkd.in/eXgY_F6G

Crowdstrike's 2026 Global Threat Report is out. Get your copy! "...trends show how modern adversaries operate: gain legitimate access through identity, move rapidly through cloud and edge infrastructure, and weaponize vulnerabilities before defenders can respond. Speed, legitimacy, and low-visibility access paths now define evasive tradecraft." https://lnkd.in/gxpDuAwh #Cybersecurity #AI #Crowdstrike #CISO

Thanks for this summary Bob. Boards and CISOs can do better.

This is a critical issue when operating in a global environment. What I have learned from 30+ years working with clients from the US and EU is that being able to discern the nuances can greatly increase the probability of business success. Our patent pending Agentic AI CyberGov™ provides SEC-ready audit documentation and supports multiple regulatory framework requirements through standardized reporting formats, establishing it as the first comprehensive solution for automated board-level cybersecurity governance compliance assessment. The technical innovation addresses a previously unmet market need by combining advanced AI methods with specific regulatory compliance requirements in a mathematically rigorous, auditable platform. Because CyberGov™ is applicable across industries and jurisdictions across the Globe, we have designed it to be transparent so the user can account for such nuances.

Cybersecurity for enterprise boards is multidimensional In a post on the Harvard Law School Forum on Corporate Governance titled “Cybersecurity: An Evolving Governance Challenge”, the authors highlighted the following three main issues. I have added a fourth at the end. - ”A new and different challenge for boards. Cyber threats are constantly evolving, and the motivations and actions of bad actors are extraordinarily difficult to understand and predict. - ”A wide variety of oversight structures. As cyber threats morph and grow, society is holding the boards of giant companies to account for failures to protect information assets and maintain the integrity of their company assets. - ”Complex interactions between directors and management”. In many companies, boards entrust the chief information security officer (CISO) with responsibility for cybersecurity. But technology is so pervasive, information so distributed, and cybercrime so fluid that reports from the CISO to the board are, at best, table stakes in cyber assurance.  In addition to being familiar with the operational aspects of cybersecurity, boards must understand how to integrate that risk with overall enterprise risk and meet the evolving regulations from governments and professional organizations like NIST. Once a year review is not enough; boards must demonstrate that they are actively monitoring their cyber risk on an ongoing basis . https://lnkd.in/e-fFK3Rz

As global use of AI by most anyone with a computer increases, boards need a means to be more proactive in creating systems to provide constant telemetry. Otherwise they will continue to be reactive in a way that I call "wack-a-mole"!! https://lnkd.in/dx3JN5Yc

Cybersecurity for enterprise boards is multidimensional In a post on the Harvard Law School Forum on Corporate Governance titled “Cybersecurity: An Evolving Governance Challenge”, the authors highlighted the following three main issues. We have added a fourth at the end. ”A new and different challenge for boards. Cyber threats are constantly evolving, and the motivations and actions of bad actors are extraordinarily difficult to understand and predict. ”A wide variety of oversight structures. As cyber threats morph and grow, society is holding the boards of giant companies to account for failures to protect information assets and maintain the integrity of their company assets. ”Complex interactions between directors and management”. In many companies, boards entrust the chief information security officer (CISO) with responsibility for cybersecurity. But technology is so pervasive, information so distributed, and cybercrime so fluid that reports from the CISO to the board are, at best, table stakes in cyber assurance. ”Cybersecurity is a multidimensional issue . In addition to being familiar with the operational aspects of cybersecurity, boards must understand how to integrate that risk with overall enterprise risk and meet the evolving regulations from governments and nations. Once a year review is not enough; boards must demonstrate that they are actively monitoring their cyber risk on an ongoing basis . What is required is a set of global board governance best practices in the model of the ISO/IEC 27001 Information Security Standard for operations but which reflects the board issues mentioned above. By demonstrating conformance to such global standards, company and enterprise boards can prove that they are meeting their fiduciary duty of care. #cyber #riskmanagement #Boardofdirectors #CEO #cybersecurity #AI

When we began developing our Agentic AI solution (patent-pending) for boards—designed to demonstrate that they are meeting their fiduciary responsibilities—we focused primarily on cyber breaches. One of our expert advisors encouraged us to broaden our approach by incorporating a counterfactual analysis: What would have happened if the organization had used our solution? This allowed us to assess the value of deeper, longer‑term planning for resource allocation. Since we did not yet have our own data, we applied this method to the 2017 Maersk NotPetya breach case published by Harvard Business School. Here’s what we found: the Maersk incident illustrates the catastrophic cost of a fragmented cyber‑governance approach. Deploying a multi‑application, intelligence‑driven Agentic AI like ours would have provided the board with early warnings, financial justification for remediation, and a cohesive roadmap for building true, forward‑looking cyber resilience. With the integration of causal AI, our platform will continue to learn and refine over time. Because much of board‑level discussion is qualitative in nature, we recognized that each application will initially start from scratch. Unbeknownst to us, our patent search revealed that one of the novel aspects of our work is its applicability across all global industries and domains as a means of demonstrating compliance with best practices and legal requirements. https://lnkd.in/ekNRKCh9 #cyber #cybersecurity #risk #CISO #CTO #BoD #CEO #coo #president #chairman #CFO