Directors of small businesses and not-for-profit organisations have access to a new guide which outlines obligations around cyber security.
The Cyber Security Handbook for Small Business and Not-for-Profit Directors aims to assist the directors of SMEs and NFPs to enhance their cyber security without introducing unnecessary complexity.
Australian Institute of Company Directors CEO Mark Rigotti said managing cyber risks and building an organisation’s cyber resilience was a key role of a Board.
“Directors of SMEs and NFPs may understandably be overwhelmed trying to keep up with the ever-shifting cyber threat environment,” Mr Rigotti said.
“Cyber security is one of the biggest challenges facing organisations of every size, but small organisations face an even greater challenge having to routinely juggle priorities with constrained human and financial resources.”
He said the guide was applicable across the SME and NFP landscape, not just those organisations directly involved in digital and technology-focused industries.
It covers the role of a director in an elevated cyber threat environment, the fundamentals of cyber security and how to develop internal policies and build a culture of cyber resilience.
Mr Rigotti said through providing clear and concise recommendations for easy implementation, the guide was intended to complement the detailed Australian Signals Directorate Essential Eight maturity model and other key cyber security guidance.
Further information on director duties and legal obligations can be found in the AICD and Cyber Security Cooperative Research Centre Cyber Security Governance Principles.