A panel of security professionals discusses the top three tips for how CISOs and risk officers can help improve board communication around security.
CISOs and other executives are tasked with keeping the board of directors up to date on security-related matters. The board may not require granular details, but whether it’s a report on the company’s overall security posture, an analysis of the current threat landscape, an update to the organization’s threat detection and response plan, or other broad policy matters, there’s a lot to keep the board informed about. And when an organization is subject to regulations like PCI DSS, SOX, HIPAA, or the GDPR, the board of directors may be hyper-vigilant and want more frequent updates on security and compliance issues to protect the organization’s interests – and avoid the costly consequences of non-compliance.
So, whether you’re keeping the board informed of run-of-the-mill security concerns or providing detailed reports on how the company maintains regulatory compliance, improving board communication around security is a top concern for today’s executives.