Majority of CISOs still struggle with board communications.
Organizations are struggling with internal communication barriers, which hinder their ability to address cybersecurity threats.
According to research by Dynatrace, 70% of C-suite executives say security teams often talk in technical terms, without providing business context, and believe the CISO is responsible for bridging that gap. However 83% of CISOs say their board of directors and CEO need to understand the company’s security posture better so they can assess business risk and compliance requirements.
Also, the global survey of 1,300 CISOs - including ten interviews with CEOs and CFOs in enterprises with over 1,000 employees - found 87% of CISOs say application security is a blind spot at the CEO and board level, with 82% of CISOs saying they “urgently need to increase the visibility of their CEO and board into application security risk” to enable more informed decisions to strengthen defenses.
Bernd Greifeneder, chief technology officer at Dynatrace, said: “However, many CISOs are struggling to drive alignment between security teams and senior executives because they’re unable to elevate the conversation from bits and bytes to specific business risks. CISOs urgently need to find a way to overcome this barrier and create a culture of shared responsibility for cybersecurity.
“This will be critical to improving their ability to respond effectively to security incidents and minimize their risk exposure.”
CISO Dinis Cruz recently talked to SC UK about his project The Cyber Boardroom, which uses GenAI to better tailor communications to C-level executives.
Written by
Dan Raywood
Senior Editor
SC Media UK
Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.
Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.