How do you manage expectations among your executive leadership without negatively impacting perceptions of both the security function’s effectiveness and your own effectiveness as the CISO?

People & LeadershipSecurity & GRCInternal CXO Relationships
246 views2 Comments
Sort By:
Oldest
Director of IT4 months ago
Utilize Data and Facts.  Financial implications of an undetected breach, vs cost of  detection and/ or prevention.  Provide data that shows which is the right ROI for the company, and base solutions on the level of risk the company is willing to take.  Infrastructure and APP SLAs are not 100%, why should the expectation be 100% that your company would not be breached.   As a CISO, work with your peers to determine which systems and data are critical and add extra layers of protection as finances and time permits.

lock icon

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

  • Peer Discussions and Polls
  • One-Minute Insights
  • Connect with like-minded individuals
CISO in Government4 months ago
I try to involve my CIO as much as I can about the challenges as well as our wins. In my experience, the engagement works better than reports and statistics. But each organization is different. I know some colleagues have to deal with executives that only look at cyber as a money pit with no tangible ROIs. In those unfortunate instances using data to show the level of risk is the only option, because ultimately it’s the executive leadership who has to decide how much risk appetite the organization has. 
1

Content you might like

How can CISOs influence (or perhaps even contribute to) the business’s AI adoption strategy?

Security Strategy & RoadmapSecurityDisruptive & Emerging Technologies+3 more
CISO in Manufacturinga month ago
CISOs have a unique opportunity to proactively shape their organization's AI adoption strategy, Because AI adoption is either in the process of emerging or companies that have already gone down a path are readjusting their ...read more
1
Read More Comments
701 views6 Comments

What is your organization’s current status for implementing endpoint security to protect O365 on mobile devices?

End-User Services & CollaborationSecurity & GRCDevice Management+14 more

Implementation complete23%

Implementation in progress54%

Planned within the next 12 months12%

Not planned7%

Not enabling O365 on mobile2%

View Results
2.4k views2 Upvotes

I am increasingly having to present to our board and it’s not always the best experience. Do you have any advice on how best to approach a company board that is not technical at all?

People & Leadership
Chief Cloud Officer in Software6 years ago
My board experience has primarily been with board members that are not technical. The approach I take is to "translate" technical bits into business impact information. It seems many non-technical board members care most ...read more
64 3 Replies
Read More Comments
177.4k views169 Upvotes153 Comments

How do you think AI will disrupt business across industries? Add to my list: 1. Content creation 2. Photos and video production 3. Basic coding and debugging 4. Strategic analysis to be highly complimented 

Disruptive & Emerging TechnologiesData & AnalyticsPeople & Leadership+1 more
Principal in Finance (non-banking)a year ago
Almost too many to list. I believe original content — written, photos, and videos — are all but certain to become widely synthetic. Perhaps people will do some humanizing of the content but most of it will be artificially ...read more
5 1 Reply
Read More Comments
175.5k views40 Upvotes97 Comments

Are below the operating system vulnerabilities a top concern for your organization?

EngineeringGovernance, Risk & ComplianceSecurity & GRC+1 more

Yes79%

No20%

5k views3 Comments