“I knew I messed up…”
In this episode of CISO Confidential, Elias Oxendine IV, now the CISO of Tractor Supply Co., shares with SAFE CEO Saket Modi a raw and candid account of his nerve-wracking first board meeting as a CISO prior to his current role. Watch the episode now.
Following a format set by his predecessors in the job, Elias presented technical metrics on cybersecurity, vulnerabilities patched, etc. – and watched as “their eyes glazed over.” Worse, the period set aside for discussion came and went in silence.
Never again, Elias vowed. He found two allies on the board, one a former CIO, who helped him see that “I had to get away from those boring technical metrics. What you really want is to talk about risk and financial impact. That’s what board members track and understand.”
The next board meeting, “it was game on. From the minute I started talking about quantifying risk, there were so many questions: ‘What are you thinking and what do you need to accomplish it?’…I’ve taken that same approach every time and it’s worked.”
Beyond quarterly board reporting, Elias has spread this quantitative cyber-risk-is-business-risk approach to his entire team.“We’ve got a lot more people starting to be good risk practitioners. No longer are we talking about compliance checks. It’s helping us get to a clear focus on our security investment program.”
Watch Saket Modi’s candid conversation with Elias Oxendine IV for more tips on board communication – and stay tuned for more real-life stories from top security leaders.
Watch the episode of CISO Confidential with Saket Modi and Elias Oxendine IV.
SUBSCRIBE TO WEEKLY BLOG NEWSLETTER
SHARE THE PAGE
