What Metrics Does The Board Want To Hear From CISOs?

Presented by

Alfonso Hermosillo - Consulting Engineer, EMEA, BitSight

About this talk

Not long ago, a board of directors would meet once or twice a year to be briefed on cybersecurity, check the box, and move on. Cybersecurity was little more than an afterthought, and mostly a box-checking exercise for compliance or to make sure the bases were covered in the wake of a newsworthy event. The single biggest responsibility of the board of directors is to protect the company and reduce risk. With little technical understanding at the board level, many were happy to simply throw money at the problem and leave it to IT professionals to handle. But the world has changed substantially in recent years, and some of the most dramatic changes have only come in 2020. Malicious actors are growing more sophisticated. The attack surface and vendor ecosystems have rapidly expanded, refocusing the security conversation towards digital risk and risk tolerance. Boards are increasingly looking at cybersecurity as a crucial part of the business. The problem is, the board doesn’t always know what to look for or how cybersecurity impacts the business.

BitSight transforms how organizations manage cyber risk. The BitSight Security Ratings Platform applies sophisticated algorithms, producing daily security ratings that range from 250 to 900, to help organizations manage their own security performance; mitigate third party risk; underwrite cyber insurance policies; conduct financial diligence; and assess aggregate risk. With over 2,100 global customers and the largest ecosystem of users and information, BitSight is the Standard in Security Ratings.