Security Risk Posture: The CISO's 7-Minute Story to the Board

The CISO dashboard is a challenge for all from senior members of the board to the security professional tasked with preparing the "deck." It is too detailed to some or too long and technical to others, or it is not quantifiable and lack the "So what?" factor. Security metrics can tell a story when the right metrics are in place and aligned to the business strategy and organizational capabilities. The results of these metrics, both key risk Indicators and key performance indicators, which are key components of continuous security (risk) monitoring, should dictate security as well as business initiatives.