A trend that has long been on the rise is finally having its day. A recent industry report revealed that 91% of security professionals believe that ultimate accountability for cybersecurity incidents lies with the board itself, not with CISOs or security managers.
If the security discussion hadn’t fully made its way into C-suite conversations before, it has now.
The Chartered Institute of Information Security (CIISEC)’s new State of the Security Profession survey checks the pulse of the industry where cybersecurity regulation is concerned. It emerges with one clear, overarching sentiment: “the buck stops with the board.”
Out for Blood? Or a Fair Point
Those in the profession understand that security managers are beholden to their CISOs, and CISOs answer to the powers that hold the purse strings.
Countless blogs have been written about “gaining buy-in for your security objectives” and how to persuade those at the table to give in to reasonable security accommodations. For so long, a convincing (but indirect) appeal to the business bottom line has been espoused as a way for executives to see how such improvements would relate to them.
However, today’s calls for…
