))
E21 - Cybersecurity for trustees - with guest host Penny Wilson
Manage episode 346580768 series 2989218
Content provided by Michala Liavaag. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Michala Liavaag or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
In this episode, we turned the tables: Penny Wilson interviews Michala Liavaag!
Penny Wilson is the CEO of Getting on Board, a trustee recruitment and diversity charity. Penny has been a trustee of several charities and is currently a trustee of the National Migraine Centre.
Penny asks Michala questions about cybersecurity from the perspective of trustees.
Starting with the basics of what cybersecurity, the importance of robust process design, through to the nuances of obtaining insurance coverage, and much more.
This episode is full of resources and practical tips for trustees.
👉 Cited in this episode:
Getting on Board - why we campaign https://www.gettingonboard.org/why-we-campaign
Cybility Cybersecurity Ring of Resources - https://bit.ly/cybilityring4charities
More Cybility resources https://www.cybilityconsulting.co.uk/cms/resources-cybersecurity
National Cyber Security Centre (NCSC)
- Create your Cyber Action Plan - https://bit.ly/Cybility2CyberActionPlan
- Small Charity Guide - https://www.ncsc.gov.uk/collection/charity
- Board Toolkit - https://bit.ly/Cybility2BoardToolkit
Cybility Savvy Episodes
- VPN - https://www.cybilityconsulting.co.uk/cms/cybilitysavvy/safe-communcations
- Risk - https://www.cybilityconsulting.co.uk/cms/cybilitysavvy/charities-risk
- Insurance - https://www.cybilityconsulting.co.uk/cms/cybilitysavvy/cybersecurity-change
IT Infrastructure Library (ITIL) a background on good IT service management practices - https://bit.ly/Cybility2ITILprocess
South East Cyber Resilience Centre
- Sign up, it's free - https://bit.ly/Cybility2SECRCpartner
- Incident Response Plan Template - https://bit.ly/SECRC-CIRplan
CREST Incident Response Implementation & Procurement Guides - https://bit.ly/Cybility2CRESTIRguides
Charity Commission Incident Reporting - https://bit.ly/Cybility2CCincident
ICO quarterly review - https://bit.ly/Cybility2ICOtrends
Verizon data breach report - https://vz.to/3DOwk1T
-----
⭐Found this useful? Please rate and review, as it helps reaching more people
-----
⭐Found this useful? Please rate and review, as it helps reaching more people
👍You can also subscribe and share on social media
💬 Contribute to future episodes with your cyber security concerns and questions
🤝Connect with Michala and Cybility Savvy:
✅ LinkedIn ✅ Twitter ✅ Youtube ✅ Instagram
---
✍🏾Written and produced by Michala Liavaag
🎦Co-produced and edited by Ana Garner video
🎵Music by CFO Garner
Chapters
1. Intro (00:00:00)
2. What is Cyber Security? (00:00:43)
3. What kind of information do charities hold? (00:02:35)
4. Why should trustees care about cybersecurity? (00:05:25)
5. Do you think that charities are low hanging fruit? (00:07:50)
6. Trust and insider threat (00:08:38)
7. What are the five basic controls we should have in place? (00:11:02)
8. Identity and access managemen (00:11:25)
9. Authentication (00:13:08)
10. Secure configuration of systems (00:15:05)
11. Keeping systems update (00:16:30)
12. Data beyond the castle walls (00:17:40)
13. Anti-malware (00:18:40)
14. Where might trustees for small charities start? (00:19:19)
15. Where might trustees for large charities start? (00:21:30)
16. Trustee engagement with operational staff (00:24:25)
17. How should this appear on risk registers? (00:26:32)
18. What are the most common breaches? (00:31:06)
19. What protection does insurance provide? (00:36:35)
20. What would you say to motivate trustees to learn about cybersecurity? (00:39:04)
21. Where can you find good resources? (00:40:14)
22. Responding to an incident (00:42:29)
30 episodes
Share
