By 2020, 100 percent of large enterprises will be asked to report to their board of directors on cybersecurity and technology risk at least annually, which is an increase from today's 40 percent.
So reports global research firm Gartner in its 2016 Comprehensive Guide to Presenting Risk and Information Security to Your Board of Directors, which investigates how security and risk management are becoming increasingly visible to boards of directors as enterprises link cybersecurity program activities more deeply to business goals and objectives.
According to Gartner, working with CISOs and CIOs through the process of preparing and presenting to boards has indicated the following success factors for board reporting:
Tell the story through a strong simple narrative
Make clear connections to business objectives
Communicate in terms of risks, not threats
End with an ask, identify next steps
With the acceleration of digital business demands, it is increasingly critical to address cybersecurity as a key component of organizational functionality and change, with a focus on the role leadership plays in facilitating a culture and attitude of cybersecurity and information governance compliance.