Skip to Content

The cybersecurity discussion you’re not having: Download our guide

June 28, 2023 Assessment 2 min read
Joe Oleksak
Holistic cybersecurity starts with an open and honest dialogue with those in your organization responsible for cybersecurity — but it’s important that you’re asking the right questions. Not sure where to start? Our discussion guide will help you kickstart the conversation and take united action.
Group of coworkers discussing the importance of cybersecurity.While we might not always admit it, cybersecurity is a subject that triggers our emotions. For many business leaders, it might be fear brought on by evolving cyberthreats, uncertainty from endless “what-ifs,” or simply a desire to better understand their company’s cybersecurity controls. For CIOs and IT directors, it might be something more positive, such as pride in their team’s expertise or confidence in the culture of cybersecurity awareness at their organization. Notice an issue?

Let’s imagine that a CEO and CIO meet to discuss their organization’s cybersecurity plan. The CEO shares their worry and concern and wants to hear the CIO’s opinion. The CIO assures the CEO that cybersecurity is a top — if not the paramount — priority for business continuity. In fact, the CIO is a little surprised: is the CEO doubting their competence or dedication to their job? The conversation ends with short-lived relief for the CEO, and perhaps a neutral-to-negative response for the CIO.

Maybe this sounds like a situation you’ve personally experienced, or perhaps it’s one you’ve been putting off. It’s often the case in business that the most uncomfortable conversations are the most important ones, and that’s certainly true of cybersecurity. In the above example, the CEO and CIO wanted to avoid a tough subject. As a result, they missed out on a valuable opportunity to build rapport and understanding and, crucially, may still be in the dark about significant cybersecurity issues — on both sides of the fence.

Alignment between business expectations and IT capabilities, empowers leaders across departments to work together and invest in a stronger approach to cybersecurity organization-wide, beyond just the IT department. The reality is a healthy, open conversation shouldn’t be avoided; the key is to make sure you’re asking the right questions.

Trust, but verify: A guide for the crucial cybersecurity discussion you’re not having

To encourage open dialogue, download and use our cybersecurity discussion guide. For CEOs and CFOs, the goal of conversations like these is to trust the IT team but also verify that no stone is left unturned. It’s also essential for both parties to see the bigger picture: cybersecurity isn’t just an IT responsibility. Staff and leadership at all levels, in all departments, are responsible for cybersecurity and have a role to play in protecting company and customer data. Our guide features:

  • Suggested talking points and wording you can use to kickstart the discussion, clarify your motives and intentions, and navigate follow-up questions.
  • A checklist of core cybersecurity controls, systems, and processes that you should confirm are in place for your organization.
  • Action steps to adopt a cross-functional, holistic approach to cybersecurity across departments and business units.

This conversation will likely be the first of many, and you might get some answers you weren’t expecting. But opening the door to healthy, honest dialogue will lead to stronger working relationships and effective risk management for your business.

After your conversation, we’d love to hear how it went. Our consultants can provide perspective and scalable cybersecurity advisory services to complement your cybersecurity framework, within the context of your larger organizational goals and risk landscape.

Download now

Related Thinking

Business professionals meeting around a table discussing risk, opportunity, and growth.
March 15, 2023

Lean into risk: Break barriers to opportunity and growth

Article 6 min read
Image of a digital LED wall
November 17, 2022

Seven-point cybersecurity assessment: Identify your organization’s digital risks

Article 3 min read
Hands typing on laptop computer.
September 29, 2023

Think cybersecurity is just an IT responsibility? Think again

Article 5 min read