How to Talk to Executives about Security

Learn effective strategies for communicating security concerns to executives in this 41-minute conference talk from Louisville InfoSec 2016. Explore how to move beyond fear, uncertainty, and doubt (FUD) tactics to build credibility, present clear needs, and align security priorities with business objectives. Discover techniques for engaging decision-makers, holding them accountable, and navigating challenging conversations about risk acceptance. Gain insights on framing security issues from different perspectives and avoiding common pitfalls in executive-level discussions about cybersecurity.

Intro
DATA BREACHES IN THE HEADLINES
RELYING ON FUD REDUCES YOUR CREDIBILITY
BE UP FRONT ABOUT WHAT YOU NEED
SOMETIMES THE ANSWER IS TO ACCEPT THE RISK
DIFFERING MODES OF ENGAGEMENT
LOOKING FROM A DIFFERENT ANGLE, WHAT WOULD YOU CHOOSE?
HOLDING DECISION MAKERS ACCOUNTABLE
DECISION DODGEBALL
ALIGN YOUR DEPARTMENT WITH THE BUSINESS