CFOs understand risk and tradeoffs well, so present your security plan in that light. Rank your risk areas and clearly (in a non-jargon way) explain the impact of the risk area on the company, the coverage, and how the investment will help mitigate the risk.

Don’t waste your executive leadership team’s time. They usually want to know if you need them to act, so don’t be shy—include a call to action. In my experience, you will be more successful if you have built a trusted relationship and keep cybersecurity simple and understandable for them.