The connection between cybersecurity and a company’s bottom line is crystal clear to board members — and they’re worried. In fact, according to a study conducted by the New York Stock Exchange and Veracode, more than 80 percent of corporate directors now discuss cybersecurity at most or all boardroom meetings. At the same time, a surprising 66 percent are not fully confident their companies are properly secured against cyberattacks. How can CISOs allay this fear?
CISOs can become more effective, strategic leaders by understanding prevailing perceptions about cybersecurity before stepping foot into the boardroom. But why is this so difficult? Many CISOs struggle to make a better case for security because linking security and risk management to corporate performance often isn’t a linear discussion.
Despite these challenges, most CISOs recognize that they need to start speaking the language of the board and non-IT executives, rather than the language of technology. The board doesn’t care how many firewalls or redundancies you have put in place. They care about risk reduction and how security is impacting productivity. They assume this impact is negative so they hope the answer is “very little.” In reality, security can have a positive impact on the enterprise’s innovation strategy and even demonstrate ROI beyond the traditional “we didn’t get breached.”
On July 23, Chris Wysopal, CISO and CTO for Veracode, will examine the results of the NYSE and Veracode board survey during a webinar with SC Magazine. The exclusive peek into how the board views security will provide CISOs with insights on how they can better communicate to their boards of directors. Chris will also share his recommendations based on his own experience presenting to boards and his ongoing conversations with fellow CISOs.
You can register to view the webinar here: https://info.veracode.com/webinar-nyse-survey-understanding-cybersecurity-in-the-boardroom.html