Author Topic: IDG Contributor Network: How CISOs should address their boards about security  (Read 19 times)

0 Members and 1 Guest are viewing this topic.

Offline Scarlett

  • Updates Moderator
  • *
  • Posts: 22996
IDG Contributor Network: How CISOs should address their boards about security
25 April 2017, 2:09 pm

There are two times you might have to talk to your organization’s board of directors about security: before a breach and after. Be sure you’ve had the former before you need to have the latter.

The board of directors, whose duty it is to run the company in the long-term interest of the owners, needs to know you’ve taken prudent steps to protect the organization’s digital assets. That should mean the board wants to talk with you, the CISO, to learn firsthand what your department is doing to mitigate information security threats.

+ Also on Network World: How to survive in the CISO hot seat +

Board members want a high-level picture of the threat landscape and a checklist of the measures you’ve taken and policies you’ve adopted to protect the organization. Your job is to provide the board with perspective and not necessarily details. A scorecard or checklist can be an effective visual and a good starting point for a discussion of the organization’s security measures. It lets you provide a high-level overview, and it gives you a road map for diving into details if the board asks for more information.

To read this article in full or to leave a comment, please click here

Source: Network World Security

>> To obtain the full NetworkWorld Security article, click the link in the first post line <<


Except where otherwise stated, all content, graphics, banners and images included © 2006 - 2018 Smokey Services™ -- All rights reserved
Design board graphics, banners and images by DSTM & PseFrank

This site does not store profiling-, tracking-, third-party and/or any other non-essential cookie(s) on client computers and is fully compliant with the EU ePrivacy Directive
Smokey's does not use any Web Analytics/Analysis Service, and also does not use any browser fingerprinting techniques

Smokey's also provides free fully qualified Log / Malware Analysis & Removal Help and System Health Checks