Strategic Insights
Perspectives on governance, risk, and technology leadership.
Boards Should Ask this First
For years, the cybersecurity question at the board level, and often at the management level, was simply: are we secure? I've come to believe that's the wrong question to lead with. At minimum, it's an incomplete one.
READ ARTICLE →Tech Risk is Business Risk
Twenty years ago, technology supported the business. Today, technology drives the business. This distinction matters for how boards govern.
READ ARTICLE →The Financial Risk Double Standard
Boards wouldn’t accept an unreviewed balance sheet. We wouldn’t tolerate undefined ownership of financial risk, or a review cadence that treats it as an annual event, regardless of what is happening in the business. Yet this standard is still common in technology governance.
READ ARTICLE →