It’s becoming standard for the CISO to present an annual risk report to the Board of Directors, but throughout the year, many CISOs must still deliver their message by proxy to the C-suite and board, which means the data, priorities and risk levels may take on the bias of the person presenting.
Lapses in executive accountability can result in poorly communicated security policies, compromising even the best security programme.
The Flow of Communication Among the CISO, C-Suite and Board of Directors discusses:
- The challenges inherent to sharing security information across the organisation
- Creating effective communications flows
- Defining roles for a linear communications framework from top to bottom
Ultimately, a closed-loop communications flow ensures the right information is disseminated by the right people in order to support a risk mitigating security programme.