The CSO's playbook for forging board relationships

Security is a board-level concern, but many aren’t confident they have the information and processes to provide effective governance. This nine-point plan will help you cement your role as a trusted advisor.

Conceptual image of executives; silhouettes in motion with a virtual global network overlay.
Metamorworks / Getty Images

Selim Aissi, CISO at software company Ellie Mae, saw it as confirmation of his role as trusted adviser when one of his company’s board members texted him late one night a few years ago.

The director wanted to better understand NotPetya, the devastating ransomware attack that was beginning to make headlines at the time. Aissi followed up the text with a phone call, during which he and the director talked about the news-making malware.

Although it wasn’t the first or last time a board member sought out his insights, Aissi says the director’s comfort in initiating that conversation illustrated for Aissi that he had a strong relationship with the board.

“That was my first big a-ah moment,” Aissi adds.

Security in the past five years has become a board-level concern, elevated from an operational issue to a strategic one – a change that has CISOs increasingly presenting to board members.

To continue reading this article register now

Microsoft's very bad year for security: A timeline