top of page

What a Volunteer Board Should Know About Cyber Security



My child’s school was hacked.


The school communicated very well to those impacted, with regular and detailed information as it emerged.


A chance meeting with a board member on an aeroplane resulted in me addressing the board more broadly on cyber security.


What did I say?


I referenced content from the Harvard course I completed on the topic!


The goal of Information Security is a balance between Availability, Integrity and Confidentiality.


Threats can be external or internal, with unintentional or malicious sources.


Cyber procedures include protection and recovery. The NIST framework has five clear stages:

1. Identity

2. Protect

3. Detect

4. Respond

5. Recover


Maturity assessment of procedures is critical. It will inform where education or investment is required.


The board must understand and support the “Cyber Vision” and its links to organisational values. Further, Cyber objectives must be specific about outcomes, and the actions are beyond technologies.


Those who don't regularly work within the technology industry, and volunteer for boards like the one I addressed, will likely benefit significantly from the information I shared.


Here’s a link to some of the content I shared.


If you’re on a board in South East Melbourne where you volunteer and would like me to present - please feel free to make contact.




bottom of page