If the Board Knows Risk, Why Is It Such a Struggle to Explain Cyber Risk?

It’s not so easy to explain information security risk through the business lens, as Evelin Biro, CISO, Alliant Credit Union pointed out in our conversation at Black Hat 2022.

“Using information security as an advantage, is what the board understands,” said Biro. “Now how to get there is a whole different question.” It’s a lot easier when there is someone with cyber expertise already on the board.

They’re good about accepting the risk, said Biro, but she wants to make sure they’re really clear on the risk that they’re accepting.

Got feedback? Join the conversation on LinkedIn.

David Spark is the founder of CISO Series where he produces and co-hosts many of the shows. Spark is a veteran tech journalist having appeared in dozens of media outlets for almost three decades.