CISO as a Salesman: Win Support for Your Key Initiatives

CISOs are challenged with selling the security message internally to prove the value in the organization and drive the security budget. Recommendations to win support for key initiatives include:

• Communicate with the executive team and report relevant issues. Avoid reporting events and issues from 1-2 years ago. Look for relevant issues of the day that will resound with the executive team.
• Build relationships with the Communication Department to help focus the communications internally and develop communication plans.
• Leverage metrics to prove your case. Use realistic metrics to quantify data loss, projected savings from reducing calls to the service desk, potential loss related to failing to address security needs, etc.
• Benchmark your organization against other organizations. Engage an independent party to perform the benchmarking to ensure third-party credibility.