Ransomware is a key agenda item in the boardroom. CISOs are expected to report on their organisation’s ability to respond to and recover from a ransomware attack, but can board members trust the information they’re being given?
Our latest research involving 1,200 security leaders reveals that while 91% are reporting to their board on ransomware protection levels, just 33% of CISOs are “very satisfied” with the time, resource, accuracy and detail of their ransomware board reporting.
The research also reveals that:
Download our new guide for insight on how CISOs can create accurate cybersecurity board reports that build confidence in their organisation’s security posture and ability to mitigate a ransomware attack.
Alongside the findings from our research, it includes interviews with Andrew Jaquith and David Fairman, who are both experienced Fortune 500 CISOs and board members. They share their experiences of reporting cybersecurity to the board, including eight questions that CISOs need to prepare for when going into a board meeting.
Andrew Jaquith is a cybersecurity and risk executive, with experience in successful startups and global Fortune 100 environments. He previously managed a broad range of technology risk at Goldman Sachs and JP Morgan Chase, and is author of Security Metrics: Replacing Fear, Uncertainty and Doubt.
David Fairman is an experienced CSO/CISO, board member, investor and coach. He’s worked and consulted for large financial institutions and Fortune 500 companies. David has been actively involved in founding several industry alliances and expert groups across multiple regions.