CISO Trainings , Next-Generation Technologies & Secure Development , Training & Security Leadership

CISO in the Middle: Managing Risk Up and Down the Enterprise

Humphrey Christian of Bay Dynamics on the CISO's Role
CISO in the Middle: Managing Risk Up and Down the Enterprise

When it comes to cyber risk, how must the CISO manage communications across the enterprise? The board, the staff and the line-of-business leaders all have different needs. Humphrey Christian of Bay Dynamics offers advice for the CISO in the middle.

Historically, security leaders have communicated mainly upward to the CEO and to the board, and it's all been about numbers - how many vulnerabilities patched, how many incidents detected?

"It's been about 'what have I done?'" says Christian, vice president of product management. "What we're seeing is that CISOs are now being asked to talk the language of the board of the directors and the C-levels. And that language is the financial language - what is the financial impact of the cyber risk?"

Similarly, when discussing the topic with security professionals and line-of-business leaders, CISOs now find themselves having entirely new conversations.

In this interview about managing and communicating cyber risks, Christian discusses:

  • How to manage up to the CEO and the board;
  • How to manage down to security practitioners and teams;
  • How to manage sideways/laterally to business and application owners.

Christian has over 16 years of experience designing and implementing data analytics solutions. Since joining Bay Dynamics in 2002, he has directed the product strategy, architecture, and implementation of the widely adopted IT Analytics and Risk Fabric products. He began his career in IT as a member of the Accenture consulting team.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.