Los Angeles, Calif. – Apr. 15, 2019
CEOs and other board members are more engaged in cybersecurity conversations than ever before.
In fact, I remember when CISOs carried the sole responsibility of security – now everyone around the table is accountable. CISOs aren’t just educating in the boardroom, as they once did.
Why? It’s no surprise that one of the biggest challenges an organization will face today is cybercrime. Every organization, big or small, runs the risk of being targeted by hackers. It’s just a matter of when.
Good news! The C-Suite has matured and is finally asking the right questions and holding its teams accountable for cybersecurity.
However, we need to remember that each person around that boardroom table has a slightly different perspective and different priorities:
At the end of the day, the C-Suite shares the same concerns regarding security risk and liability as the CISO, so it’s important to keep the lines of communication open and keep the board informed. After all – nobody wants to be blindsided!
As cybersecurity becomes more digestible for your C-Suite and board members, I recommend aligning on a security roadmap with your executive leadership team and developing KPIs that you can report on regularly. This way, everyone is on the same page when it comes to security programming. The stakes are simply too high to manage security on a reactive or ad hoc basis.
If you don’t already have one, here’s a Sample Security Roadmap for Enterprises. It includes a questionnaire that is useful for developing your own roadmap, and Key Performance Indicators (KPIs) to keep your security program on track.
Bruce Schneier once said, “Security is a journey, not a destination.”
In cybersecurity, the only constant is change. By developing a strong security roadmap and a few key metrics, you can breathe a little easier knowing at least your organization has a plan in place.
To Your Success,
Originally posted on cybersecurityventures.com