Today, Cisco published its Midyear Cybersecurity Report with SAINT a key contributor. This year’s report offered comprehensive insights on the changing cyber threat landscape finding that organizations’ Internet of Things (IoT) devices with potentially numerous security weaknesses are there for the hackers’ taking. CISOs are taking this into account knowing boards continue to keep cybersecurity high on their priority list. We examine this point more closely in Cisco’s report (see page 84) and why it’s time for CISOs to claim and keep their seat at the table.
As Cisco notes, the magnitude of attacks lately has been troubling. Boards are looking for more information from their CISOs and security teams to know whether their organizations are doing the right things to avoid future trouble. And if IoT is a new investment area for the company, boards are more likely to pay attention to how their investment is being protected.
Discussion of cyber risks should be aligned with traditional risks and tied to business priorities and desired outcomes. If CISOs want to maintain their seat at the table, they need to fill the knowledge gap on a consistent basis and rely on business language to clearly communicate with boards. Not the technical language they’ve relied on to engage their security teams.