You are the chief information security officer (CISO) of Vandelay Industries, a firm of 2,500 employees. Vandelay designs and manufactures advanced mining equipment. Your boss, the chief information officer (CIO) has tasked you with reporting the firms cyber risks to the executive committee and board of directors in a written memo. Aside from the CIO, the audience is NOT technical. Decide what information to present and how you would convey that that information to help them understand the cyber risks you are tracking. Write a memo to the board with these items in mind and include (at a minimum) the top five threats and how those translate to risk for the business. Think about: 1. How would you deliver this information to your audience? - Keep in mind this audience is made up of decision-makers. 2. What types of metrics would you report and why? 3. How would you explain to them the concept of "cyber risk"?

Answer rating: 100% (QA)

INTERNAL MEMO TO E xecutive committee and board of directors FROM Chief information security officer ... View the full answer