Directors Are From Mars, CISOs Are From Venus
In this exclusive podcast series, “Take Back Control of Your Cybersecurity Now,” Paul Ferrillo and Christophe Veltsos share insights from their recently released book of the same name. By explaining top threats and cyber risks in plain language, Ferrillo and Veltsos not only illustrate today’s perilous landscape, but also build a convincing case for why cybersecurity must be a key business priority.
In the second episode of the series, Ferrillo and Veltsos join moderator Mitch Mayne to examine what they deem the most serious issue in security today: communication. While chief information security officers (CISOs) and boards of directors all seek what’s best for the organization, a language barrier between the two may be inhibiting the very conversations that are most necessary.
For instance, a CISO might be most comfortable describing security scenarios in the technical jargon that he or she uses with the IT team; however, the board needs a plain English description of cyber risk and its potential impact on business objectives. Boards are accustomed to dealing with sales, expenses and other measurable terms. To communicate effectively, CISOs need to provide information that boards will understand, and, as Veltsos emphasized, they need to use the right metaphors.
Listen to the complete podcast for more specific recommendations on how to bridge the communications gap between the CISO and the board of directors. And tune in again next week for our third episode, which will return to the theme of communication but focus on how the CISO communicates with other members of the C-suite.