Return to Search

Join our mailing list

Sign up to our free mailing list to stay updated on the latest from the IRM.

Subscribe Now

Cyber and Information Management Group: Dealing with Cyber at the Board

Date: 2 February 2023, 13:00 -14:00

Click here to view the presentation slides

We are told that Risk Management serves the purpose of helping decision-makers make decisions guided by assessed risk. In recent years, the cyber threat to most organisations has grown in both likelihood and impact as we become more connected in the digital world.

How are these risks conveyed to the decision-makers at the Board Level? And whose responsibility is it to ensure the board understands what cyber is and the dangers it can pose to the effective operation of their organisation?

Delivered by David Jones, Non-Executive Director at Ofcom, Ofwat and Qualifications Wales, we discussed and shared the challenges faced when engaging with the Board to deal with cyber risk. 

David will introduce you to the Cyber Body of Knowledge which aims to inform and underpin education and professional training for the cybersecurity sector.

 Get his perspective on:

  • Outlining the different roles of the Board vs Audit /Risk Committee
  • How much time do Boards spend on Cyber?
  • What are the key questions that Boards need to ask to assess Cyber risk?
  • How do Companies manage their risks, and where does the risk of Cyber sit within that broad range of risks for a company?
  • Cyber can be a very technical area. How do Boards cope with this? Do they have the expertise?

The recording is now available:


About David Jones:

David Jones is a former Founder and CEO of Cardiff-based Travelink Software and currently holds non-executive roles on the Boards of Ofcom, Ofwat and Qualifications Wales.

Previously, he has held non-executive roles at the Welsh Revenue Authority and for ten years held non-executive positions at Wales’s largest NHS Trusts, the Cardiff and Vale Health Board and the Aneurin Bevan Health Board.

David was the founder of Cyber Security company Enclave Networks in 2012, a company specialising in Zero Trust Secure networks.

Throughout David’s NED career, he has specialised in Cyber Security at both Board and Audit/Risk Committee.

David has been a frequent contributor on TV and radio cyber security, ending these commitments on his appointment to Ofcom, the UK’s media regulator, in 2019. Find him on LinkedIn.