Have you ever personally conducted workshops/activities for security awareness training with your own board members? What was most effective? What would you do differently today?

Awareness & TrainingSecurity Strategy & RoadmapBoard Engagement
5.4k views5 Comments
Sort By:
Oldest
Senior Manager - IT Governance in Healthcare and Biotecha year ago
Drafted some general information for the Board, which was presented up by the exec. In my experience the written form doesn't always land. We did recently attend an event where a CEO talked through his personal experience in terms of living through a ransomware attack...and we're working on getting this person in front of our execs/board. My theory is that lived experience would have a greater impact than some stats on paper.

In terms of standard security awareness training, I find it necessary to include some role-based aspects...including admins, execs, board...some providers have specialised training available which helps.
Chief Information Technology Officer in IT Servicesa year ago
Yes, but most of the time up to now, they were rather static presentations. The next actions will be more dynamic presentations with live demonstrations on tools, different cybersecurity scenarios, and activities. I also plan to use new tools that allow for dynamic presentations with live questions.
1 Reply
Senior Manager - IT Governance in Healthcare and Biotecha year ago

Table top exercises that involve them in a simulated incident also helps

lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
CIO9 months ago
Hello,

Yes, I did use a gamification approach to the board members with a workshop that was presented last year and this year at Symposium. Gamification change completly the spectrum of the board member.
CISO in Insurance (except health)8 months ago
I try to build security awareness into presentations of the state of the security program overall, so they don't know it is awareness & training. 

Content you might like

What’s on your IAM roadmap for the next 18-24 months?

Identity & Access Management (IAM)Threat & Vulnerability ManagementSecurity Strategy & Roadmap
Director of IT in IT Services4 days ago
Implementation of Zero trust architecture, its modules across the organisation is a priority for us. So, we will be implementing zero trust strategies in IAM, inline with overall strategy.
1.4k views1 Comment

What's a greater concern for returning to the office? Comment how you are prioritizing...

People & LeadershipStrategy & ArchitectureCloud+29 more

Human Factors (fears, mental health, physical spacing)85%

Technical / IT Factors (on-premise tools, pivoting back away from remote)14%

3.7k views3 Upvotes2 Comments

How can CISOs influence (or perhaps even contribute to) the business’s AI adoption strategy?

Security Strategy & RoadmapSecurityDisruptive & Emerging Technologies+3 more
CISO in Manufacturinga month ago
CISOs have a unique opportunity to proactively shape their organization's AI adoption strategy, Because AI adoption is either in the process of emerging or companies that have already gone down a path are readjusting their ...read more
1
Read More Comments
701 views6 Comments

What is your organization’s current status for implementing endpoint security to protect O365 on mobile devices?

End-User Services & CollaborationSecurity & GRCDevice Management+14 more

Implementation complete23%

Implementation in progress54%

Planned within the next 12 months12%

Not planned7%

Not enabling O365 on mobile2%

View Results
2.4k views2 Upvotes

Can you share advice for leaders looking to shift to a multi-cloud strategy for better resilience in the event of major disruption (such as the recent CrowdStrike outage)? What best practices or common pitfalls are most important to consider?

Security Strategy & RoadmapSecurityPeer Insights+2 more
CISO/CPO & Adjunct Law Professor in Finance (non-banking)a month ago
1.       Ensure the “different” providers are not front ends for the same foundational provider.

2.       Review the track record of each provider on the whole as well as their record with organizations of your size, ...read more
1
Read More Comments
506 views3 Comments