Cybersecurity Board-Level Consulting Practice

Cybersecurity Board-Level Consulting

About Our Cybersecurity Board-Level Consulting Practice

Law and Forensics Cybersecurity Board Level Consulting practice has decades of experience educating and training Board members of public companies, private corporations, and non-profits alike on cybersecurity. We have worked to educate and train Board Members at both large and small institutions on strategies for executing oversight and implementation of a sound cybersecurity program.

Our work includes establishing global guidance and direction of establishing the right culture related to cybersecurity, driving policy and strategy, creating and/or defining a global risk profile, and working with company executives to prioritize and develop cyber programs. Our experience has shown that training and educating board members on cybersecurity issues at any company is a challenge because of the very little time, which is why Law & Forensics has created proven cyber education that is simple, short, and conducted on an annual or semi-annual basis for board members.

Our Services

100s of years of collective experience doing cybersecurity. And of course working out of the box and solving problems…

Board Member Training Independent Program Evaluation In-boardroom Briefings Training for New Board Members

Cybersecurity Board Member Training

Deliver, create, and update training materials and classes for board members that focus on enabling the board members to be effective in managing, building, and addressing cybersecurity risks.
Create training materials for boards that assist board members in asking the right questions of an organization’s senior leadership in audit, compliance, risk, and information security specific to cybersecurity risk.
Work with board members to develop criteria to assess an organization’s governance program and policies with respect to cybersecurity risk.

Independent Cybersecurity Program Evaluation

Perform an independent assessment of an organization’s existing cybersecurity program and reporting the findings of the assessment to the Board of Directors. Efforts include interviewing cybersecurity leadership, evaluating cybersecurity controls and procedures, ascertaining risk and quantification models used in relation to cyber, authoring a report for the Board of Directors, and presenting the findings to the Board of Directors and appropriate Committees.

In-boardroom Cybersecurity Briefings

Provide general and customized boardroom briefings for board, audit, and cybersecurity committees on all aspects of cybersecurity including: managing strategy and risk, evaluating the performance of the executive team and CISO in relation to cybersecurity program, and mechanisms to determine the effectiveness of an organization’s cybersecurity program and ascertain the associated risk models.

On-Boarding Cybersecurity Training for New Board Members

Create a custom program to work with a company to develop the director’s onboarding needs including materials.
Deliver personalized briefings and presentations appropriate to the director’s committee assignments and board experience around cybersecurity.
Work with specific directors to develop a fundamental understanding of the specific industry risks confronting that particular company.

Case Studies by Industry

Healthcare Sector

Industry/Sector: Healthcare

Type of Case: Cybersecurity Board Member Training

Description: Retained by the board of a large private company in the healthcare sector to work with outside counsel and consultants to spearhead the creation of a cybersecurity program for the board. Efforts included:

- Evaluating the existing cybersecurity program,
- Identifying gaps in the existing curriculum,
- Reviewing and validating that the training covered various federal and state regulations,
- Creating new cybersecurity materials with outside counsel sufficiently detailed to demonstrate that the Board was making a good faith effort to address cybersecurity.

Global High End Retail Company

Industry/Sector: Retail

Type of Case: On-Boarding Cybersecurity Training for New Board Members

Description: Hired by the Board of Directors to work with the Audit Committee of a large retail organization to create new cybersecurity training materials and brief new board members on cybersecurity issues unique to the complex multi-national company operating in several different countries. Efforts included:

- Reviewing existing cybersecurity training materials and creating new materials as appropriate,
- Developing a one-on-one training course for new board members on cybersecurity issues that could be conducted in-person or on-line,
- Working with senior cybersecurity leadership to support the effort on a going forward basis.

Steel Sector

Industry/Sector: Steel

Type of Case: Independent Cybersecurity Program Evaluation

Description: Hired by the Board of Directors of a large steel company to conduct an independent evaluation of the CISO and cybersecurity program. Efforts included:

- Reviewing the entire cybersecurity program against NIST 800-53 controls and procedures,
- Evaluating the skills of the cybersecurity team and associated vendors,
- Authoring a report for the board with results of analysis,
- Presenting the high-level findings and recommendations to the Board of Directors and a more granular presentation to the Audit Committee.

1.23k Cases

solved to date

10.4k Computers

forensically analyzed

980 Mobile Devices

scanned with our software

50.3k Mailboxes

examined by LnF

3.3k Social

media accounts analyzed

453 Expert

reports written

Cybersecurity Board-Level Consulting Practice Edge

Capabilities

Advised and consulted to both private and public company Boards, Committees, and Board Members on a wide range of cybersecurity issues. Our Cybersecurity Board-Level practice has cybersecurity subject matter experts that can address any issue from a legal, risk, and technical perspective, and includes individuals who are active board members themselves.

Competitive fees

Our fees structure is competitive, we offer clients success based, hourly and/or fixed fee arrangements while ensuring that each engagement is spearheaded by a knowledgeable and experienced senior team member of our team.

Expertise

Our cybersecurity board team consists of world class experts who have consulted and presented to hundreds of different public and private boards and organizations on cybersecurity issues. Our evaluations of cybersecurity programs and CISOs have yielded positive results and provided regulators with proof of the importance the board places on maintaining robust cybersecurity and privacy protections and procedures.

Quality Control

We deliver prompt solutions and thoughtful recommendations that rigorously meet or exceed industry best practices and meet the needs of our clients.