Anthony Vance, Virginia Tech
There are many teams in security—blue teams, red teams, purple teams, etc. This talk is about the security team that few people think about but has the potential to be the most powerful and influential security team in the organization: the board of directors. Through in-depth interviews of board directors, CISOs, and senior-level consultants who advise boards on security, I illustrate challenges that CISOs face in meaningfully engaging with the board of directors. I also show how CISOs can gain strategic importance in supporting and advising the board. Finally, I describe ways that CISOs can help boards realize their potential as the most powerful security team in the organization.
Anthony Vance, Virginia Tech
author = {Anthony Vance},
title = {The Security Team at the Top: The Board of Directors},
year = {2022},
address = {Santa Clara, CA},
publisher = {USENIX Association},
month = feb
}