I’m giving a webinar tomorrow based on the whitepaper I authored for ISACA: Reporting Cybersecurity Risk to the Board of Directors. It’s a free download. I cover Board reporting from the technologists perspective, covering the role of the Board and how to communicate to them in a way they understand. You can register for the webinar here
Lastly, I wrote another piece for ISACA on Zero Trust that people are finding interesting. You can check it our here
Base your presentation on two questions:
1) What does the board need to know related to how cyber risks may affect business performance (hint: they do not need to understand technology)
2) What, if anything, do you wish the board to decide upon/approve (hint: if that is “nothing really”, you may not need to report anything to the board in the first place)
These are good points Hans. I break down a lot of the more nuanced Board Reporting concerns in the Whitepaper: https://www.isaca.org/bookstore/bookstore-wht_papers-digital/whprcr