You can make an impact in the boardroom if you prepare yourself first. Kevin West of K logix shares three ways for security leaders to get started. “The board wants to speak with you.”Finally. The opportunity you’ve been waiting for. As more executives turn their focus to security, you expected that eventually, you’d get to speak with the board. This is your moment to shine, to convince them of the importance of security.Are you going to make the right impact?The answer isn’t as simple as showing up. The key to making the right impact is preparation. As Kevin West, CEO, K logix (LinkedIn, @KlogixKW) explained, “It is important for security leaders to separate the signal from the noise. The signal is the list of business goals and objectives as outlined by the Board. Maintaining focus on the signal means your security program will always be in alignment with executive priorities, which gains you greater respect in the board room.”A quick note about the boardKevin shared a key insight on working with boards, “Board members are business people. They understand risk. What they want to know is how are you going to address the risk. They would rather know about risks upfront than be updated after an incident occurs. Bring the Board a plan that puts security inline with business goals to get the best response.” Kevin’s right.Here are some additional tips on understanding the role of executives and how to present the information they need (link). It also helps to be prepared to answer these three key questions to get the funding and support you need (link). Three ways to prepare before speaking to boardBy actively focusing on aligning security with the needs of the business, you prepare yourself to enter the boardroom with confidence.Kevin West suggests the following three strategies to ensure your time before the board is successful:Invest in relationships: you should have at least one ally in the boardroom with whom your organization has completed a successful project. Leverage that person’s commitment to security to introduce others in the Boardroom to its value.Translate technical jargon into functionality: Effective security leaders discuss security in terms of its positive impact on achieving business goals and increasing revenue. Avoid talk of specific threats, technology standards and other items that move the conversation away from business goals.Provide proof: Prove that you belong in revenue discussions by providing success stories, reports and testimonials that show how security impacted the bottom line. It helps to consider the security story you share (and practice to get it right).How it worksKevin shared a recent example of how effective this method of preparation is:“One CISO I recently met with told the story of his board being floored when he told them that focusing on 100% prevention would basically put the company out of business – it would make it too hard to do work, too hard for customers to engage with the bank the way they wanted to, and too difficult to work with partners.Once the board member saw how security was being respectful of key business goals, he had a much easier time understanding our focus on prevention, but also incident response. This conversation happened because that CISO was speaking from a position of strength, he didn’t wait until a breach happened to explain to the Board that it was inevitable. He told them a breach may happen, but there was a plan in place to minimize its impact.”What are you waiting for?Whether you enjoy a good working relationship with the board or are waiting for the opportunity, invest the time now to be prepared. Consider the relationships you need — across the organization — to be successful. Gather evidence of success. It helps to set aside our bias for breach prevention. Consider how to quickly detect and effectively respond to incidents and potential breaches. In the process, work to translate the technical aspects into functional understanding. Be ready to explain the value of your program to others, in a way they can understand.While this takes time and effort, the payoff comes when it’s time to speak with the board. Done right, the conversation is natural and not forced.Do the work to distill your value, earn the recognition as an IT leader, and have your voice heard by the board. Make an impact that gets results. Related content opinion Want to be a better security leader? Embrace your red team CyberArk CEO Udi Mokady lines up for a Security Slap Shot on the need for security leaders to be productively paranoid. By Michael Santarcangelo Sep 29, 2017 4 mins Risk Management Vulnerabilities IT Leadership opinion To combat phishing, you must change your approach Kevin O’Brien, CEO of GreatHorn, discusses why employee training isn't effective in combatting phishing and what companies should do instead. By Michael Santarcangelo Sep 27, 2017 7 mins Phishing IT Leadership opinion Are you ready for ‘Moneyball’ security? Mike McKee, CEO of ObserveIT, lines up for a Security Slap Shot on the benefits of an evidence-based approach to security. By Michael Santarcangelo Sep 20, 2017 4 mins IT Leadership opinion Your security scars are the key to innovation Ben Johnson, CTO and co-founder of Obsidian Security, lines up for a Security Slap Shot on driving innovation in security and business based on experience. By Michael Santarcangelo Sep 14, 2017 4 mins IT Strategy Careers IT Leadership Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe