Risk Management and Communicating with the BOD presented at CISOBoston 2012

by Bruce Forman,

Tags: Security

Summary : The upsurge in infosec threats is creating an intense focus on CISO leadership in the organization. To maximize their influence and impact on business objectives, CISOs must sharpen their leadership and communication skills, particularly when it comes to addressing needs and expectations at the highest levels of the organization. Identifying the probability and consequences of specific types of risk and quantifying the negative influences they can have on the enterprise is difficult enough, but how can information security professionals best communicate these risks to the executive team and board of directors in a manner that is understandable and actionable? In this session, Bruce Forman, CISO at UMass Memorial Medical Center will put forward several approaches for closing the gap between security lingo and real-world business implications.