SoylentNews is people
SoylentNews
If CISOs don't do a good job of communicating, 59 percent of board members said that the security executives stand to lose their jobs, according to a new survey released today.
"If they're not up to par in the minds of the board, there will be action taken," said Ryan Stolte, co-founder and CTO at Bay Dynamics.
It marks an inflection point in how the boards look at cybersecurity, he said.
Previously, boards looked at breaches as an act of God or natural disaster, he said, or just fired the CISO even if the breach was not something they could have prevented.
"Now they're treating it as a risk management concern," he said. "It's a mind change."
[...] According to the survey, which was conducted by Osterman Research, cyber risk is now a top priority for board members, right up there with financial risk, regulatory risk, competitive risk, and legal risk.
[...] 54 percent of board members said that the data they were getting was too technical, and 85 percent said that IT and security executives need to improve the way they report to the board.
If the reports aren't useful and actionable, 93 percent said that there would be consequences. These included termination, said 59 percent, or warnings, said 34 percent.
(Score: 0) by Anonymous Coward on Wednesday June 15 2016, @05:22PM
I agree. Why are non-technical people allowed on the board? They don't understand what is happening and then pass the blame along.
(Score: 0) by Anonymous Coward on Wednesday June 15 2016, @06:37PM
Because they (used to) represent the owners, and there is no expectation of having them be technical people?
(Score: 2) by khchung on Wednesday June 15 2016, @11:53PM
If you were the owner a business that critically depends on something, such as network security, and yet you did not take the time to understand it, then your business is going to fail. And if you did that as a representative of the owner, then you were "too lazy, too ignorant or plain too stupid" for the job.