Many times a CISO may have to speak to the Board of Directors (BOD) about their cyber security posture. What would be the BEST choice of security metrics to present to the BOD?
A. All vulnerabilities found on servers and desktops
B. Only critical and high vulnerabilities on servers and desktops
C. Only critical and high vulnerabilities that impact important production servers
D. All vulnerabilities that impact important production servers
The Board of Directors (BOD) requires concise, impactful information that demonstrates the organization's security posture. Metrics should highlight risks that directly affect critical business operations.
Presentation Strategy:
Highlighting only critical and high vulnerabilities on production servers ensures the BOD understands the urgency and importance of these vulnerabilities without overwhelming them with irrelevant details.
Supporting Reference:
CCISO materials emphasize presenting risk-based metrics that align with organizational priorities to effectively communicate with executive leadership.