The Real Priorities of Advisory Cybersecurity Board Members Right Now

• •establishing governance and 'rules of the road' for offensive/defensive cyber operations
• •making security work easier for the industry
• •complete visibility into code bases and software supply chain
• •unlocking business value through identity integration
• •getting security a seat at the table

+10 more PRO

• •lack of standards for securing the software factory
• •ransomware syndicates changing tactics to physical threats (smart buildings)
• •networks getting shut down by bad traffic
• •falling into the trap of only doing measurable activities
• •automating ticket creation can lead to fixing everything

+10 more PRO

• •accessibility - everyone equal, no tiered ticketing or exclusive rooms
• •geographic expansion - west, east coast, europe events scheduled indicating market traction
• •average utilization ratio of security tools (currently 5%)
• •speed of mindset and behavioral change adoption across workforce
• •geopolitical articles ranking 10/10 (100% of public will care)

+10 more PRO

• •threat-response pairing - match philanthropic investment to specific, identified threat vectors (journalists → harassment funding)
• •quick fix first assessment: if it's a quick fix, fix it regardless of risk level
• •cio evolution comparison: learning from the historical adaptation of the cio role
• •peer consensus test - ask peers if the cso was actually successful; peers will agree on true success vs self-aggrandizement
• •regulatory compliance: adhering to pci v4, cis, salsa, nist, and sec frameworks

+10 more PRO

• •manual testing doesn't scale for large companies
• •non-believers in cyber threat capability despite evidence
• •getting container vulnerability in unreachable code
• •not monitoring cves at least weeklyNew
• •security implementation that lacks transparency or consumer understanding

+10 more PRO