In the C-Suite, there is often a disconnect between CEOs and CISOs. It’s a technical gap between the roles that many CEOs steer clear of – hesitant to dip their feet in the tech waters lest they fall in over their heads.
Even though CISOs are security professionals, they’re also pivotal members of senior management in many cases. This means that they should be well-aware and constantly up to speed on every aspect of organizational security, especially as it relates to business.
With this in mind, CEOs need to expect their CISOs to answer business-related questions that non-technical people can understand. CEOs need to ask tough questions, expect specific answers framed in a business context and be ready and willing to act decisively if gaps are discovered.
Read more in this article for Info Security.