Presenting to the Board: Four Tips for CISOs

October 10, 2018 | Content Aggregator - Single Slide | Board Communication

When speaking with the board, CISOs should describe cybersecurity in broader risk management terms, tell a story, leverage visually appealing charts and graphs to show measurements and metrics, and avoid trying to completely own cyber risk themselves. Instead, get the board on your side and let directors do some of the thinking to help set strategy.
IANS

— INSIGHTS PORTAL —


Related Research

Convey Breach Preparedness to Execs Clearly

What is the most effective way to communicate to executive management the state of an organization's preparedness for a breach? In this Ask-an-Expert written response, IANS Faculty Josh Marpet details some standard methods but says tabletop exercises are far and away the best.

Infosec in 2019: IANS Faculty Detail What to Expect

In this Topic Guide, IANS Faculty turn their attention to the critical information security issues facing enterprises in 2019. From automation, containerization and Office 365 mailbox compromise to privacy and leadership skills, IANS has you covered.

Overview of Board’s Most Discussed Cybersecurity Topics

Maximum airtime in the boardroom is given to external threat trends (62%), incidents and losses (54%), and risk appetite/exposure (53%), with minimal discussion of operational minutiae and compliance.

How CISOs Express Cyber Risk to the Board of Directors

CISOs use a variety of methods to express exposure to the board of directors, including a narrative or story (36%), a categorical or ordinal scale, such as low or high (47%), and a numerical score or rating, such as 90 out of 100 (22%).
