CISOs must help their boards manage cyber risk — here’s how


In one of the more memorable scenes from the film “Jerry Maguire,” Tom Cruise’s character, a football agent, can be seen pleading with his one client, begging him to just “help me, help you.” Maguire kept repeating the line, hoping to break through to the player, trying to convince him to change his attitude in the hopes it would help him land a big contract from his team.

This scene came to mind recently when I was thinking about the relationship between CISOs and their boards of directors. Cyber attacks on a corporation can exact a high price — in money, reputation, and lost business. CISOs battle day and night to prevent their company from suffering a crippling cyber attack, yet too often they don’t receive the help or support they need to properly execute their roles. As a result, CISOs often can’t get enough money to hire staff and purchase the systems that can prevent cyberattacks, can’t raise consciousness among executives to pay attention to cybersecurity issues, and can’t persuade boards of directors to focus more of their attention on cybersecurity needs.

Read more >