I had a client whose maturity scores didn’t improve over a 3-year period. If data was all that was presented this could easily be interpreted as a failure of progress. But when they focused the narrative around the successful integration of the multiple acquisitions they had over the past few years, the focus shifted to the successful expansion of

... See more

The simpler you can convey it, the better. Too often, cybersecurity professionals get mired in technical jargon only to lose their audience. “Be clear, unambiguous, and direct,” Noaman advises. “If you’re up front and say exactly what you need to do and put in terms of the why, you don’t have to explain the technical things, because now everyone

... See more

Get your business units to pull help from security and not have security keep pushing improvements on them. The main thing is for the CEO to not just provide support and resources for the CISO but to actually change the dynamic by regularly expecting each business line executive or functional leader to be able to articulate at some appropriate

... See more