A tip sheet to help CISOs talk to the board about security needs

A tip sheet to help CISOs talk to the board about security needs

Posted Oct 24, 2021 from

A deputy chief information security officer offers a comprehensive checklist for infosec leaders, helping ease the daunting task of talking cybersecurity with health system leadership.

Healthcare chief information security officers know that the cost of a data breach is higher for them than in any other industry.

When attacks make headlines, panicked board members have one question for CISOs: How can we be sure that won't happen to us? CISOs must be prepared to lead board-level conversations about risk management.

Lead with resilience, manage fear

One big question: How do CISOs lead with resilience and manage fear when talking to the board about cybersecurity?

Jeff Costlow, deputy CISO at ExtraHop in Seattle, offers two scenarios.

"Scenario 1: Imagine yourself walking down the street," he said. "You look up and see that a building is on fire, you go closer to investigate. At the front of the building is a person, they're running around in panic. It looks as if they're going to run inside the burning building. Not a wise idea, you think.


See Topics

See Also

Next Article