The U.K.’s National Cyber Security Centre (NCSC) recently published a cybersecurity toolkit to help boards ensure that cyber resilience and risk management are embedded throughout an organization, including its people, systems, processes, and technologies.

The toolkit is divided into three main parts. Part one, create the right environment, includes fostering a culture of cybersecurity. Part two, get the right information to support decision making, involves identifying crown jewels and using that information to evaluate and prioritize risk. Part three, take steps to manage those risks, includes implementing cybersecurity controls and creating an incident response plan. Utilizing this toolkit can help organizations prioritize areas for investment that balance the value of protection against the needs of the business and assist with compliance to regulatory requirements, among other benefits. NCSC provides guidance on how to best use the toolkit. Members who are still struggling with board and executive support for cybersecurity strategy are encouraged to review this resource. Read more at NCSC.