As organizations face mounting regulatory pressure, relentless cyberattacks, and the accelerating pace of digital transformation, the CISO’s ability to work effectively with CEOs and the board has never been more critical. In fact, it’s a crucial factor in keeping the security program aligned with business objectives and executive expectations.
What does that “effective relationship” between the CEO and the board look like in practice? How are such relationships built and maintained? Let’s explore the strategies and best practices that define the modern CISO’s engagement with top leadership.
A recent survey revealed considerable differences among companies in terms of providing CISO access to the CEO and boardroom. The report, by IANS and Artico Search, surveyed of 830 CISOs regarding roles, compensation, job satisfaction, board engagement, and career development.
First, the positive news. According to the survey, 28% of CISOs report directly to the CEO or occupy a high-ranking position in the company’s hierarchy. These CISOs also maintain regular engagement with the board, meeting at least quarterly, either in full board sessions or as members of subcommittees.
The remaining CISOs don’t fare as well. Precisely 50% of respondents excel at C-suite access or boardroom influence, but not both. The remaining 22% have limited executive-level access due to their lower organizational rank and sporadic participation in board meetings.
Related:Microsoft Exchange 'Under Imminent Threat,' Act Now
Experts say poor CISO and C-suite influence puts security behind the eight ball, always trying to catch up with changes that the security team didn’t know were coming until late in the process.
“With the speed and complexity of business today, you need to have these relationships to stay in touch and keep yourself tuned with the business,” said Diana Kelley, CISO at Noma Security.
Build Relationships Before You Need Them
Relationship-building is not just a soft skill—it’s strategic. Don’t underestimate booking regular meetings with executives in the organization that you need to align strategically, Kelley advises.
... continue reading