Don't Bore Your Executives — Speak To Them In A Language That They Understand
Seven Critical Executive-Level Metrics For CISOs And The Business
July 18, 2011
Why Read This Report
The ability to communicate effectively has always been a core competency for any business executive, and today's chief information security officer (CISO) is fast becoming a business executive. The CISO's role is evolving and moving out of IT; its responsibilities and focus are shifting from IT risk to business risk. As with other business executives, the enterprise expects value creation from the CISO. We need a common language for the business and the security organization, and it needs to reflect a communication style that serves the business and the CISO. Program reporting is one important communication method, and formally reporting the value a program contributes to the organization is an important skill. This is especially true when reporting to executives. Adopting the metrics proposed in this report, as part of information security reporting, moves the CISO toward a common language for business.
Already a Client?
Log in to read this document.
Become a Forrester Client
Customers are the new market-makers, reshaping industries and changing how businesses compete and win. Success depends on how well and how fast you respond. Forrester Research gives you insights and frameworks aligned to your role to shorten the time between a great idea and a great outcome, helping your teams win in the age of the customer. Contact us to learn more.
This report is available for individual purchase ($499 USD).Purchase
Table of Contents
- You Report To A Business Executive, But You're Not Using The Language Of One
- Seven Metrics Categories That Characterize Security In Business Terms
WHAT IT MEANS
- You Can't Learn A New Language Instantly, But You Have To Start Somewhere
- Related Research Documents
Assess Your Security Program With Forrester's Information Security Maturity Model
January 20, 2017 | Renee Murphy
Security Organization Trends 2010
February 4, 2010 | Khalid Kark
Dissect Data To Gain Actionable INTEL
August 9, 2012 | Heidi Shey