One of the challenges for cyber security teams is getting true engagement at a board level. Part of this is that lack of anyone on the board with any direct responsibility for the issue. But a larger part is the language used when talking with the board. It doesn’t matter if it is internal teams or vendors. Despite attempts over the last few years to get away from jargon and talk about risk, it still isn’t happening.
Even talking about risk in general terms may not be enough. Ian Schenkel, Vice President, EMEA, Flashpoint sat down with Enterprise Times recently and told us: “What the board needs to understand is ‘What’s the risk?'”
But how do you start that conversation? What is the right approach? Schenkel commented: “Do not treat boards like children and don’t treat them like techies either.” The problem for many when engaging with the board is to find that middle ground. Cyber teams often overexplain terms (treating like children) and sales teams want to appear clever (treating them like techies).
So what is the answer? According to Schenkel it’s to talk about Business Risk Intelligence. He sees this as a better engagement with the board as it goes to the heart of what they understand – losing money.
Schenkel also addressed the problem of management as the weak link. He said: “One of the trends we will see moving forward in 2020 is personal brand protection. If you are a senior person inside an organisations your personal brand is your reputation, your job, who you are.”
To hear what else Schenkel had to say, listen to the podcast
Where can I get it?
obtain it, for Android devices from play.google.com/music/podcasts
use the Enterprise Times page on Stitcher
listen to the Enterprise Times channel on Soundcloud
listen to the podcast (below) or download the podcast to your local device and then listen there