![]() ![]() CISOs could, for example, share reports weekly with their CIOs but distribute them to the board only semi-annually. The best schedule is one that matches the organization’s own cultural tempo, Rawlins says, adding that CISOs could also create and distribute customized reports to different recipients on different schedules based on the varying levels of threats and interest levels each party has. Security leaders say the reports should come out on a regular schedule, whether they’re passed out weekly as Stebila did, monthly, or quarterly. “Senior managers get hit with lots and lots of paper, so whatever format it’s in, it has to get their attention.”ĬISOs also need to consider how often they want to generate these reports. Although there’s no single template for crafting a threat report, “it should look like whatever you think people will read,” says deGrazia. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |