Part of Cyber security guide for NHS Non-Executive Directors: Balancing risk
Understanding risks within your organisation
About cyber security
Cyber security is the protection of devices, services and networks - and the information on them - from theft or damage via electronic means.
Information is the lifeblood of an organisation, yet with increasing automation and reliance on connected systems, a compromise of information in one area could impact the entire organisation and its patients.
As a Board, you must understand your strategy for managing cyber risk.
This should include:
- what your cyber security risks are and how they are being prioritised and mitigated
- who is responsible for cyber security and where decisions are made and recorded
- which data and systems you care about most and whether any risk assessments have been carried out
- what level of risk your organisation is prepared to take
- how to promote a positive workforce cyber security culture
Last edited: 18 January 2022 10:04 am