topic Re: Cybersecurity is not the problem: Are you solving the wrong problem? in Governance, Risk, Compliance https://community.isc2.org/t5/Governance-Risk-Compliance/Cybersecurity-is-not-the-problem-Are-you-solving-the-wrong/m-p/46250#M407 <P>My first thoughts automatically go to the Board and this is where the professional diversity of the Board really matter. Most have law, finance, operations, and HR areas covered. It my experience or at least in my area, Boards lack the diversity of having someone who has had experience in IT/Cyber.</P><P>&nbsp;</P><P>At this point, the Board can ask the correct questions and possibly help guide the Org. in the right direction in this area. This top down approach is more effective than the CISO trying to advocate for a direct reporting line to the CEO. Especially if the CIO has trouble letting go of power.</P> Thu, 01 Jul 2021 14:14:15 GMT tmekelburg1 2021-07-01T14:14:15Z Cybersecurity is not the problem: Are you solving the wrong problem? https://community.isc2.org/t5/Governance-Risk-Compliance/Cybersecurity-is-not-the-problem-Are-you-solving-the-wrong/m-p/46236#M406 <P>Hi All</P><P>&nbsp;</P><P>Came across this LinkedIn post, which resonated and I wonder if others felt the same as the author?&nbsp;</P><P>&nbsp;</P><P>Your thoughts and comments always welcomed for debate.</P><P>&nbsp;</P><P><A href="https://www.linkedin.com/pulse/cybersecurity-problem-dennis-e-leber/?trackingId=Q7So6OVJWidhr658gqivhw%3D%3D" target="_blank">https://www.linkedin.com/pulse/cybersecurity-problem-dennis-e-leber/?trackingId=Q7So6OVJWidhr658gqivhw%3D%3D</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Mon, 09 Oct 2023 09:55:45 GMT https://community.isc2.org/t5/Governance-Risk-Compliance/Cybersecurity-is-not-the-problem-Are-you-solving-the-wrong/m-p/46236#M406 Caute_cautim 2023-10-09T09:55:45Z Re: Cybersecurity is not the problem: Are you solving the wrong problem? https://community.isc2.org/t5/Governance-Risk-Compliance/Cybersecurity-is-not-the-problem-Are-you-solving-the-wrong/m-p/46250#M407 <P>My first thoughts automatically go to the Board and this is where the professional diversity of the Board really matter. Most have law, finance, operations, and HR areas covered. It my experience or at least in my area, Boards lack the diversity of having someone who has had experience in IT/Cyber.</P><P>&nbsp;</P><P>At this point, the Board can ask the correct questions and possibly help guide the Org. in the right direction in this area. This top down approach is more effective than the CISO trying to advocate for a direct reporting line to the CEO. Especially if the CIO has trouble letting go of power.</P> Thu, 01 Jul 2021 14:14:15 GMT https://community.isc2.org/t5/Governance-Risk-Compliance/Cybersecurity-is-not-the-problem-Are-you-solving-the-wrong/m-p/46250#M407 tmekelburg1 2021-07-01T14:14:15Z