Where Should the CISO Report?
When the CISO doesn’t report at the right level of an organization, misalignment between security, IT, the business, and the larger public ecosystems it serves will surely result. Such misalignment often leads to dire consequences, increasing the chance of breaches… Continue reading
How to Define Security for Your Business
Could it be that a simple misunderstanding of what cybersecurity means is creating much of the disconnect between business and security leaders that often makes security programs ineffective? According to one security leader who’s worked as a Chief Information Security… Continue reading
Fifty Keys to Cybersecurity-Business Alignment
My book, Rational Cybersecurity for Business: The Security Leader’s Guide to Business Alignment contains 50 Keys to Alignment that accentuate the guidance. I’m writing about these keys in a “50 keys” blog series. This page conveniently summarizes all the keys… Continue reading