Communicating technology and security to the board of directors or executive management has been an ongoing battle for I.T. professionals. Security and other technical matters was seen by the board as solely the responsibility of the I.T. staff which was a barrier in communicating technical needs. However, as media attention has put a spotlight on cybersecurity by broadcasting high-profile data breaches and the consequences therein, board members are starting to take more of an interest in understanding the technology and the organizational security posture. As such, it is much easier to obtain the proper tools, equipment, and software required to put the company in the best possible security position. (Budge, Pollard, & McKay, 2019).
CISOs are now expected to create a trusted dialogue and build a culture of trust with the board of directors. This process will assist in educating the board which will provide the necessary influence to obtain an adequate budget and opening a trustworthy door to report shortcomings and incidents. This relationship will reassure the board that everything presented to them is viable and worth time to consider. The CISO must listen to the board’s concerns and act in a manner that addresses those concerns. (Budge, Pollard, & McKay, 2019).
Reference
Budge, J., Pollard, J., & McKay, P. (2019, January 15). How Do You Talk To Your Board About Cybersecurity? An Old Problem In A New World. Retrieved from https://go.forrester.com/blogs/how-do-you-talk-to-your-boards-about-cybersecurity-an-old-problem-in-a-new-world/
luckyqloo
W7D1..RI.docx
0
