IT Forefront

4 quick tips for your next cybersecurity conversation

by Chris Ruli

With ransomware and other malware events on the rise, it’s time to prepare for “the talk” with your C-suite and board of directors about cybersecurity. For provider CIOs and CISOs (Chief Information Security Officers), the conversations are no longer about if a breach occurs but when.

Two weeks ago, our Daily Briefing team covered a four-step plan on ransomware prevention: back up data, limit network access points, filter emails, and curtail access to specific websites. The four steps outlined are part of a broader discussion around cybersecurity threats, but these threats can affect any member of an organization.

Here are some considerations you should remember when having the talk with your team:

Prepare in advance

  • Make sure you understand the organization’s current state
  • Hold private meetings with key leaders to understand their concerns and perspectives

Keep it simple

  • Talk in business terms and leverage scenarios to illustrate the organization’s risk profile from various threats
  • Discuss improvements made to lower risk

Be clear about alternatives

  • Provide alternatives for changing the organization's risk posture
  • Acknowledge trade-offs for each alternative

Discuss roles

  • Provide examples of various roles they can play in managing cyber risk
  • Ask for their guidance and assistance

Prevent ransomware attacks

Hackers are holding hospitals for ransom—here's your four-step plan to stop them.

Download now

How to discuss cybersecurity with your CEO

Join us for a webconference on May 19 with experts from the Advisory Board and law firm Hunton & Williams to review these four steps and advice on how to productively discuss security and risk with senior leaders in your organization.