August 21, 2018 | Content Aggregator - Single Slide | Board Communication
73% of organizations say either the CISO or CSO has primary responsibility for briefing board members on cybersecurity, while the CIO is responsible 27% of the time.
Full boards spend relatively little time on cybersecurity. More than half of boards spend only 1-5% of their meetings on cybersecurity, while just 7% of boards spend more than 10% of their meetings discussing security.
When it comes to partnerships between cybersecurity and the board, 64 percent of CISOs say they are in early stages, where the board is largely listening and learning from briefings, or maturing partnerships.
Although each organization’s business model, infrastructure, personalities and security posture may be different, some common themes should be considered when communicating upward to the board of directors. Here are 10 tips designed to help you prepare and communicate important security-related information to assist the board in making sound decisions.