The Working Group aims to inspire, educate and further thought leadership.

Our highly-interconnected world increases every organisations probability of a cyber attack. Cybersecurity and its threat landscape continues to evolve rapidly and dynamically, outpacing the development of laws and regulations that seek to govern them. Frequently, lack of attribution of an attack further complicates compliance efforts. The resulting ‘governance gap’ necessitates creative, cross-disciplinary approaches to mitigating attendant risks as well as the formulation of principle-based frameworks so that organisations can better defend themselves against – and recover from – cyber attacks. Individually, companies and organisations are at a disadvantage in identifying and addressing cybersecurity threats and challenges. Collectively however, they can minimise risk, optimise new opportunities and enhance their cyber resilience by sharing best practices and insights which allows for the ability to dialogue on how mutual data security efforts might strengthen an oganisation’s cyber defence strategy, ensure the rule of law, whilst also respecting the sovereignty of organisations to define their own approaches. 

The Cyber Law & Governance Working Group Objectives are:

• Use open discoure to develop the dialogue and discussion on cybersecurity risk and governance challenges to enable organisations of all sizes across the public and private sectors to better understand and address a rapidly evolving cyber threat landscape and deduct attendant regulatory and legal impacts 
• Identify professionals to offer industry insights and best practices, raising awareness about novel or emerging cybersecurity governance challenges including new and developing laws
• Promote high-level public-private partnerships to work collaboratively to bring the most effective resources to the forefront for all parties
• Contribute to the thought leadership on issues of  cybersecurity risk and governance to develop proactive measures that assist in closing cybersecurity governance gaps.

This limited, invitation-only Working Group generally meets on a quarterly basis at which either a roundtable discussion or presentation is held. Participants share their expertise as cyber governance issues are identified and addressed, and work in a collaborative manner to develop solutions and enhance the capabilitity of the business community and other stakeholders to prevent, address and respond to such cybersecurity issues. 

The aims of the Cyber Law & Governance Working Group are to:

• Bring together interested parties with functional and general professional expertise, in and outside of cybersecurity, information security, information technology, law, risk, ethics, compliance, organisational psychology, and other disciplines, to share their knowledge and insights, network and enrich the dialogue and discussion on cybersecurity, risk and governance with cross-disciplinary and multi-disciplinary persepectives. 

• Further the dialogue and discussion on cybersecurity, risk and governance through roundtables, presentations and awareness sessions, to enable organisations of all sizes across the public and private sectors to better understand and respond to a rapidly evolving cyber threat landscape that is outpacing laws and regulations that govern it. 

• Develop and contribute to the thought leadership in this space, fostering new ideas and approaches to addressing the rapidly evolving legal, financial, operational, reputational and strategic risks of cyber threats and supporting and developing principle-based governance frameworks that address the governance gap.  

Main touch points

• We inspire by connecting professionals from across the industry, government, and academia and providing them with a platform to share their insights and present on current and evolving laws and regulations and principle-based frameworks that govern cybersecurity attacks, threats, and risks, and to discuss emerging challenges and opportunities in the governance of cybersecurity.
• We educate through open, collaborative, cross-disciplinary discussion where novel or developing laws and regulations are analyzed to deduct the implications for organizations, and creative approaches to addressing cybersecurity governance challenges are shared and discussed. 
• We further thought leadership in cybersecurity risk and governance by ensuring that the dynamic and multidimensional aspects of cybersecurity are approached through a multidisciplinary lens, and encouraging curiosity and creativity in discussing and addressing the cybersecurity governance challenges faced by organisations.