{"id":20928,"date":"2016-10-13T11:04:43","date_gmt":"2016-10-13T18:04:43","guid":{"rendered":"https:\/\/www.paloaltonetworks.com\/blog\/?p=20928"},"modified":"2016-10-13T11:04:43","modified_gmt":"2016-10-13T18:04:43","slug":"cso-awkward-conversations-cybersecurity-avoid","status":"publish","type":"post","link":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/2016\/10\/cso-awkward-conversations-cybersecurity-avoid\/","title":{"rendered":"Awkward Conversations About Cybersecurity (and How to Avoid Them)"},"content":{"rendered":"<p>Happy <a href=\"https:\/\/www.dhs.gov\/sites\/default\/files\/publications\/NCSAM%202016%20One%20Pager.pdf\" rel=\"nofollow,noopener\"  target=\"_blank\">National Cybersecurity Awareness Month<\/a>! Now in its thirteenth year, this program is designed to highlight important cybersecurity considerations and teach consumers about proper cyber hygiene. It is in this spirit that I\u2019d like to initiate a conversation about the importance of cybersecurity education at work, particularly as it relates to communication between security teams and the boardroom.<\/p>\n<p>One topic that consistently comes up in my conversations with other CSOs and CISOs, no matter what industry they\u2019re in, are the challenges involved in communicating effectively with their CEOs and boards of directors about cybersecurity issues. This isn\u2019t to say both sides aren\u2019t deeply invested and interested in cybersecurity; they absolutely are. The difficulty is that each has different pain points and agendas that may not be fully understood by the other, which can, at times, lead to some very awkward conversations about cybersecurity. It\u2019s a widespread problem, as evidenced by a <a href=\"https:\/\/www.paloaltonetworks.com\/company\/press\/2016\/european-cisos-are-fighting-fit-on-cybersecurity\" target=\"_blank\">survey of IT professionals<\/a> Palo Alto Networks recently commissioned in which a third of respondents said involving upper management in discussions about cybersecurity issues makes resolving them more complicated.<\/p>\n<p>Let me give you an example: Asked by his CEO to provide a \u201cstate of the union\u201d regarding the company\u2019s network security, a CSO conducts a thorough inspection of the network and prepares an exhaustive report of every potential vulnerability or actual piece of malware residing on the network. In the interest of being thorough and minimizing his exposure, the CSO\u2019s report touches on every possible vulnerability and malware on the network. He shares it with the CEO and the board, who all marvel at its thoroughness but are left clueless as to what to do with it. Why? Because the CSO hasn\u2019t provided the information they need to make business decisions about cybersecurity. Could all of the threats listed actually have a material impact on the business? If not, which ones require immediate attention, which ones can be dealt with as time and budget allow, and which ones can be ignored?<\/p>\n<p>It\u2019s communication problems like these that make cybersecurity such a complicated issue, so I\u2019m glad that we, as a country and an industry, reserve time to talk about it together every October. As a committed member of the cybersecurity community and designated <a href=\"https:\/\/staysafeonline.org\/ncsam\/champions\/all-champion-organizations\" rel=\"nofollow,noopener\"  target=\"_blank\">National Cybersecurity Awareness Month Champion<\/a>, Palo Alto Networks supports the efforts of the <a href=\"https:\/\/www.dhs.gov\/\" rel=\"nofollow,noopener\"  target=\"_blank\">Department of Homeland Security<\/a> and the <a href=\"https:\/\/staysafeonline.org\/\" rel=\"nofollow,noopener\"  target=\"_blank\">National Cybersecurity Alliance<\/a> to help our country, citizens and organizations take a more focused and educated approach to this issue. Because until a <a href=\"https:\/\/en.wikipedia.org\/wiki\/Universal_translator\" rel=\"nofollow,noopener\"  target=\"_blank\">universal translator<\/a> hits the market, it\u2019s the best shot we have at putting forth a united front in the ongoing fight to secure our digital way of life.<\/p>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Happy National Cybersecurity Awareness Month! Now in its thirteenth year, this program is designed to highlight important cybersecurity considerations and teach consumers about proper cyber hygiene. It is in this spirit that &hellip;<\/p>\n","protected":false},"author":43,"featured_media":20190,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1766],"tags":[2784,120,194],"coauthors":[791],"class_list":["post-20928","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cso-perspective","tag-awkward-conversations","tag-cybersecurity","tag-cybersecurity-awareness-month"],"jetpack_featured_media_url":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-content\/uploads\/2016\/09\/CSO-web-banner-650x300.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/20928","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/users\/43"}],"replies":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/comments?post=20928"}],"version-history":[{"count":4,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/20928\/revisions"}],"predecessor-version":[{"id":20943,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/posts\/20928\/revisions\/20943"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media\/20190"}],"wp:attachment":[{"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/media?parent=20928"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/categories?post=20928"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/tags?post=20928"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/origin-researchcenter.paloaltonetworks.com\/blog\/wp-json\/wp\/v2\/coauthors?post=20928"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}