INTRODUCTION

C-suite IT and information security executives have usually attained their responsible positions by being good at the technical aspects of their functions. Their background, schooling and higher education are mostly in science or technology disciplines. They understand information technology, they’re usually up to date with the latest threat developments, trends and risks, and they know their way around the network infrastructure. They may have a good understanding of IT-related best practice frameworks, such as ITIL®, COBIT®, PRINCE2® and ISO27001. They understand information risk.

Boards, however, across most business sectors, are mainly made up of people drawn from a wider educational background, and whose business experience ...

Get Selling Information Security to the Board now with the O’Reilly learning platform.