For Security & Risk Professionals

Don't Bore Your Executives — Speak To Them In A Language That They Understand

Seven Critical Executive-Level Metrics For CISOs And The Business

    Why Read This Report

    The ability to communicate effectively has always been a core competency for any business executive, and today's chief information security officer (CISO) is fast becoming a business executive. The CISO's role is evolving and moving out of IT; its responsibilities and focus are shifting from IT risk to business risk. As with other business executives, the enterprise expects value creation from the CISO. We need a common language for the business and the security organization, and it needs to reflect a communication style that serves the business and the CISO. Program reporting is one important communication method, and formally reporting the value a program contributes to the organization is an important skill. This is especially true when reporting to executives. Adopting the metrics proposed in this report, as part of information security reporting, moves the CISO toward a common language for business.
    US $ 499
    Become A Client

    Get objective, pragmatic guidance that helps you make tough decisions and succeed in a complex world. Contact us to learn more.

    Already A Client?
    Log in to read this document.

    TABLE OF CONTENTS

    • You Report To A Business Executive, But You're Not Using The Language Of One
    • Seven Metrics Categories That Characterize Security In Business Terms
    • WHAT IT MEANS

      You Can't Learn A New Language Instantly, But You Have To Start Somewhere
    • Related Research Documents