Board members need to insist on understanding IT / Cybersecurity risks. Only with this knowledge, can they properly discuss those risks at board level and achieve a consensus on setting the enterprise’s risk tolerance. When it comes to cybersecurity strategy, perhaps the single most important goal for boards and CEOs is defining the enterprise’s IT […]
You know you need a risk assessment to show that you’re secure and to find the problems that expose your enterprise to risk. But how do you sell your CEO or the board on that expensive proposition?