Achieve Common Ground With Your Board for Enterprise-Wide Security
Cyber risk is not just a security issue; it’s a business issue. Alignment of security leaders and top business stakeholders maximizes resources and sets expectations for how an effective security program can enable business growth by building trust and defending against costly cyberattacks.
Cybersecurity in the Board Room Academy Course
Free for a limited time! Use Promo Code: board-education Learn how the Board of Directors and CISO can team up to protect a company from cyber attack and build resilience.
Learn More-
How do you demonstrate value to the board?
Jasper Ossentjuk, NielsenIQ
While technical talk resonates with security professionals, it’s the language of profit and loss that resonates with boards. Cyber professionals who interact with the board would do well to communicate in terms that are more quantifiable and tailor their language to what resonates with that audience: How much risk a security program will mitigate – in dollars and cents.
For more watch the full webinar.
-
Having the risk transfer conversation
Anna Sarnek, SecurityScorecard
As an organization comes to an understanding of how much risk it’s willing to accept, risk quantification and decision analytics enables a clear understanding of ROI in financial terms.
This allows the conversation to shift from talk of throwing money at the problem and hoping for the greatest return to an understanding of risk mitigation and whether the organization is willing to accept the level of risk. The next step is exploring risk transfer via cyber insurance.
For more watch the full webinar.
-
How do you prepare to present to the board?
Jasper Ossentjuk, NielsenIQ
When CFOs present to the board, they generally don’t have to start with Finance 101. Boards tend to have an understanding of quarterly results, the yearly forecast, and the stock price. But CISOs need to deliver a two-part message including both foundational technical information and cybersecurity risks framed within a financial context. Telling the board that there are a lot of unpatched vulnerabilities, for example, doesn’t do anyone much good. It’s more effective to use financial benchmarks or even metaphors to convey cyber risk in terms that will resonate with the audience.
For more watch the full webinar.
-
How do you prioritize cybersecurity investments?
Anna Sarnek, SecurityScorecard
Even as technical representation becomes more common on Boards, the list of security remediation recommendations can be overwhelming. One of the many ways that CISOs bring value is by prioritizing which actions to take. Moreover, they can put these remediation activities in the context of the financial and operational impact to the business.
For more watch the full webinar.
-
Why is accountability for cyber risk at the board level needed?
Jasper Ossentjuk, NielsenIQ
When a breach happens, the “blame game” of firing the CISO or CIO falls short of creating the right accountability. Having cyber expertise on the board and a process by which cyber risk is discussed at board level encourages shared accountability in leadership with a goal toward proper investment, proper governance, improved control environments, and stronger security programs.
For more watch the full webinar.