Four cyber security essentials that your board of directors wants to know

Explaining your organisation's security strategy and controls to a nontechnical audience can be challenging. Aligning that strategy against ever-changing threats and cyber attack techniques is even more challenging. Translating the strategy, threat landscape, and daily impact into meaningful risk metrics has traditionally been nearly impossible.

Yet, executive teams and boards of directors are asking for exactly that. They increasingly demand data that describes the potential impact of a security threat to operations, brand reputation, market position—even stock value. This document provides a context for understanding what kind of information a board needs, and why.