Baker leads the Cyentia Institute, which produced a major study on CISO-Board communication and is working on a new study about the metrics Boards want to see.
He was joined by
“The repeated theme I kept hearing from the panel is that CISOs and the board members think differently,” says Baker. “We all know that but it’s nice to get more insight to how they think differently.”
One big takeaway for CISOs: “Just remember you are not talking to security people and you’ve got to think how this is relevant to the business. By the way, that’s incredibly useful for security leaders, too, because we tend to be trapped in our own technology and security world.”
For more tips on communicating to the Board and the business, see the entire video of the panel discussion on the FAIR Institute’s Member Resources page—a (free) membership is required.