The connection between cybersecurity and a company’s bottom line is crystal clear to board members — and they’re worried. In fact, according to a study conducted by the New York Stock Exchange and Veracode, more than 80 percent of corporate directors now discuss cybersecurity at most or all boardroom meetings. At the same time, a surprising 66 percent are not fully confident their companies are properly secured against cyberattacks. How can CISOs allay this fear?

CISOs can become more effective, strategic leaders by understanding prevailing perceptions about cybersecurity before stepping foot into the boardroom. But why is this so difficult? Many CISOs struggle to make a better case for security because linking security and risk management to corporate performance often isn’t a linear discussion.

Despite these challenges, most CISOs recognize that they need to start speaking the language of the board and non-IT executives, rather than the language of technology. The board doesn’t care how many firewalls or redundancies you have put in place. They care about risk reduction and how security is impacting productivity. They assume this impact is negative so they hope the answer is “very little.” In reality, security can have a positive impact on the enterprise’s innovation strategy and even demonstrate ROI beyond the traditional “we didn’t get breached.”

On July 23, Chris Wysopal, CISO and CTO for Veracode, will examine the results of the NYSE and Veracode board survey during a webinar with SC Magazine. The exclusive peek into how the board views security will provide CISOs with insights on how they can better communicate to their boards of directors. Chris will also share his recommendations based on his own experience presenting to boards and his ongoing conversations with fellow CISOs.

You can register to view the webinar here:

About Jessica Lavery

Jessica is part of the content team at Veracode. In this role she strives to create and promote content that will engage, educate and inspire security professionals around the topic of application security. Jessica’s involvement with the security industry goes back more than a decade at companies like Astaro, and Sophos where she held roles in corporate communication and marketing.

Comments (0)

Please Post Your Comments & Reviews

Your email address will not be published. Required fields are marked *

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.