As automation touches more of your organization, security will be far from automatic. Bots’ privileges need close scrutiny, for example.
CIOs: 3 best practices for communicating with your board
My primary interface with my board of directors is through the audit committee. Working together, we focus on security, risk management, and the future of IT.
These conversations do not (and certainly should not) resemble the ones you have with your direct staff, or even with the immediate person that you report to. If your audience is not dealing with the real day in and day out, they will appreciate it if you put yourself in their position. I always like to start our board presentation preparation by saying “If I knew nothing about this topic, would I understand what this presentation is trying to say?”
A few things you should always do when communicating with your board:
- Be very upfront and honest. That’s the way to gain the board’s confidence.
- Show that you’re conscious of and in tune with industry trends.
- Demonstrate that you’re part of a network and can share different experiences.
Having real, practical experiences that you can draw on always increases your credibility. For example, it’s great to be able to say, "I’ve talked to six other CIOs, and they have the same challenges, and they’re dealing with it in this way.” If you go in as a lone person, without any industry knowledge, it’s difficult to convey a story or seem credible.
How do you build such a benchmark of experience? One way is to join (or form) a group of your peers. I belong to a few different CIO groups, which allows me to get ten or 12 great opinions on a topic every month. Boards always appreciate it when you can bring them that kind of insight.