Yesterday’s News: Security is a Board level issue
The fact that cybersecurity is a board issue is yesterday’s news. You’d be hard pressed today to find a CISO who isn’t spending more time preparing reports for their executive and audit committees. Today’s dilemma is what information to share in order to help inform business decisions.
As CISOs grapple with this problem, they face two challenges. First; how to explain what ‘cyber’ means for business risk. Second; how to show the value their budget is delivering. As Charles Bligh, MD of TalkTalk Business, stated after the company’s data breach, the question security’s audience want answered is: “…can we describe the levels of security and the defenses we have, and what is our risk profile?”