CEOs Require Security Metrics with a High-Level Focus
- It’s important to understand that CEOs just want to know that their systems are working and important data are safe.
- Be prepared for a discussion about what X dollars will buy in additional risk abatement and what the upside of that investment will be to the business.
“When presenting any metric to the CEO, you should have a CEO-level reason for doing so, such as risk evaluation or the need to make a budget allocation decision.”
Chief executive officers (CEOs) just want to know that their systems are working and that important data are safe. “The CEO’s goal,” says Ben Rothke, “is to be in The Wall Street Journal because of record profits, not because of a data breach.”