Cybersecurity leaders and boards of directors have had their communication challenges over the years, but the tide may be changing. Historically, security experts haven’t had a “seat at the table,” but with new legislation being introduced and headline-grabbing breaches continuing to alarm organizations across the globe, boards of directors are more involved than ever before in discussion around their companies’ cybersecurity.
A majority of the companies that have experienced a mega-breach typically haven’t had a security leader or CISO reporting directly to the CEO, DeMISTIfying Security expert Raef Meeuwisse says during the latest episode.
“Security isn’t given the right empowerment and governance right at the top level,” Meeuwisse says. “You have to have someone in that position for at least 18 months before it has a cascading effect on the organization.”
In the latest edition of InfoSec Insider’s DeMISTIfying Security series, veteran experts Ed Moyle and Raef Meeuwisse discuss the state of cybersecurity as it relates to executive support within the business.