What cyber security metrics are CISOs of listed companies reporting to the audit committee of the supervisory board?

Security & GRC
222 viewscircle icon1 Upvotecircle icon3 Comments
Sort by:
CISO in Insurance (except health)a day ago

All top executives are concerned about translating risks into monetary terms. Therefore, Cyber Risk Quantification, along with other key metrics aligned to NIST, is essential.

Director of Information Security in Healthcare and Biotech2 days ago

If it helps, board gets something like below..

Residual Risk Scores (heatmap and trend view)
Top 5 Threats (e.g., phishing, malware, supply chain attacks)
Incident Response Metrics
Capability Maturity & Strategic Alignment
Trends

Lightbulb on1 circle icon1 Reply
no title19 hours ago

that's helpful, many thanks

Content you might like

How long does your organization retain original systems logs used to filter SOX-related actions into a system that requires review of the logs and retains the filtered logs for seven years? Does your organization consider those original system logs records subject to record retention requirements, or supporting information used to create the SOX records?

90 Days20%

365 Days40%

3 years40%

5 years

7 years

Other (share in the comments)

View Results

User experience should not be a priority in the context of security — do you agree?

Strongly agree10%

Agree57%

Neutral11%

Disagree13%

Strongly disagree6%

View Results

With AI adoption accelerating across enterprises, what do you view as the top information security challenge that leaders should address? How can CISOs, VPs and Director’s align governance, risk and security investments to enable AI innovation without creating new exposures?

Read More Comments

Can you share any tips for new security leaders to identify blind spots in their organization? How have you approached this when starting a new role in the past?

Read More Comments