#135 - Board Decks (with Demetrios Lazarikos)

One of the most important activities a CISO must perform is presenting high quality presentations to the Board of Directors.  Listen and learn from Demetrios Lazarikos (Laz) and G Mark Hardy as they discuss what CISOs are putting in their decks and how best to answer the board's questions. 

Special thanks to our sponsor Risk3Sixty for supporting this episode. Risk3sixty has created a presentation template that helps you structure your thoughts while telling a compelling story about where you want your security program to go. Download it today for free at: https://risk3sixty.com/whitepaper/security-program-maturity-presentation-template-for-cisos/?utm_source=cisotradecraft&utm_medium=podcast&utm_campaign=2023-ct&utm_term=1week&utm_content=ebook

References

• RSAC ESAF Download: https://www.rsaconference.com/rsac-programs/executive-security-action-forum
• NACD 2023 Directors Handbook: https://www.nacdonline.org/insights/publications.cfm?ItemNumber=74777
• Blue Lava: https://bluelava.io/cybersecurity-board-reporting/

Transcripts: https://docs.google.com/document/d/1juM8MQUEtAZEDp1HpzkPdNw-D11O3ofq

Chapters

• 00:00 Introduction
• 05:17 The Importance of External Audits in Managing Risk
• 06:48 How to Help Your Business of Revenue Protection Reduce Risk
• 11:15 How to be a Successful CISO
• 12:52 How to Measure the Threat to Your Environment
• 15:04 How to Prepare for Cyber Threats and Incidents
• 18:49 The Importance of Understanding the Business's Critical Assets
• 22:28 OSINT and CSIRT.global Tools and Technologies
• 25:14 Building a Matrix of Good Intention, Bad Behavior, and Access Management
• 28:10 How to Create an Incident Response Plan
• 30:20 How to Keep Your Board of Directors Informed of Cybersecurity Incidents
• 31:50 How to Keep Track of the Latest Cyber Threats Coming Around the Corner
• 34:11 How to Achieve Cyber Insurance Coverage
• 37:06 Cyber Liability Insurance: A Necessary Component of Running Your Business in 2023
• 39:22 How to Measure the Effectiveness of a Company's Cybersecurity Program
• 40:54 The Importance of Business Alignment