How to write a cyberthreat report executives can really use

As savvy CISOs know, a well-crafted and well-timed cyberthreat report can help executives grasp what’s happening in the world of cybersecurity—and it just might replace those late-night phonecalls.

dashboard / report / metrics / results / analysis / management
Stnazkul / Getty Images

The CEO’s email landed in Maurice Stebila’s inbox around midnight, the message asking whether Stebila, the company’s CISO at the time, had heard about the latest news-making cyber event.

“He had no idea we were already looking at this event,” Stebila says.

Stebila already had regular conversations with the CEO and other executives, but that late-night email cemented his plans to develop a weekly report updating the C-suite about cyberthreats.

“I wanted to make sure that they knew we were on top of all these threats, so I decided to be proactive and share information with them [more frequently] instead of making them come to me,” says Stebila, now chairman of CxO InSyte, an organization he founded to provide programming to the CISO community.

Back at his former company, Stebila used the new report to provide a high-level look at the prior seven days in cybersecurity, including the threats and vulnerabilities that could impact the organization as well as any that grabbed headlines that week. He says he viewed the reports as part of his larger cybersecurity awareness program.

To continue reading this article register now

Subscribe today! Get the best in cybersecurity, delivered to your inbox.