Live Chat Jan. 7: How CISOs Build the Board’s Cyber-Risk Expertise

FAIRCON24 - Yvette Kanouff

Join us Tuesday, January 7, 2025, at 8:00 AM PST/11:00 AM EST for a live discussion with a panel of experts on bridging the communication gap between board and CISO. Register now!

Increasingly, boards have come around to the realization that cyber risk equals business risk. CISOs can expect a call at any time to come upstairs and explain to the boardroom the organization’s cyber risk posture in the financial terms that the board expects – FAIR (Factor Analysis of Information Risk) is, of course, the standard for cyber-to-business-impact translation in dollars.

On our panel:   

>>Moderator: Yvette Kanouff, Board Member for SAIC, Amdocs, Entegris, Sprinklr (image above)
>>Michael Coden, Senior Adviser, from consultancy BCG

>>Vicki Escarra, also Senior Adviser for BCG

 

Event format:  

We’ll replay the lively panel discussion led by Yvette Kanouff at the recent 2024 FAIR Conference “Do We Need Cyber Expertise at the Board Level?” and take your questions regarding board communication, particularly from the point of view of educating board members on what they need to know about the cyber risk landscape and your organization’s cybersecurity strategy.

What you’ll learn:

Expect a session packed with actionable tips – to pull some from the FAIR Conference session on cyber expertise for board directors:

>>Have a risk-management framework in place (ideally, FAIR-based). Directors will want to assess the credibility of your methods, as well as how consistently you manage risk year to year.

>>To stay aligned with how board members see the problem space, always focus your risk analysis on the “crown jewels” of the organization, those operations or assets of critical importance.

>>Don’t expect any cyber expertise on the part of board members. But if you are lucky enough to have some cyber-savvy directors, carefully cultivate them as sounding boards. Also, understand that boards are very savvy on making risk/reward decisions in general, even if they don’t know cyber.

>>Be prepared to discuss (with metrics) how your organization’s cybersecurity risk management compares to competitors – it’s a standard board question beyond cyber. 

>>Tabletop exercises are a great way to educate board members on cybersecurity issues, encouraging them to think through risk scenarios or risk appetite. Tip: Organize tabletops into several groups of 3 or 4 board members and see how their competitive instincts pull them into deeper engagement.

Join us for this live-chat event:

Best of FAIRCON24 | Do We Need Cyber Expertise at the Board Level?

Tuesday, January 7, 2025, at 8:00 AM PST/11:00 AM EST

Register now!

 


 

Attention, FAIR institute members and blog post subscribersI

Any topics you’d like to see covered in our blog? We welcome your suggestions and your blog post contributions. Contact us!

We’re also looking for members we can interview for our Meet a Member series. We want to hear your FAIR story!  Contact Luke Bader, Director Membership and Programs.


 

Learn How FAIR Can Help You Make Better Business Decisions

Order today
image 37