By Christophe Veltsos, Security Intelligence

1. Seek to Understand the Mandate and Role of the CISO

2. Get to Know the Security Team Before an Incident

3. Review the CISO’s Network of Influence

4. Assess the CISO’s Performance and the Organization’s Security Posture

5. Actively Review the Cybersecurity State of the Organization

Boards need to make sure that the organization is making adequate progress in shoring up its most critical cyber risks, leveraging internal audits and external penetration tests, and conducting red team exercises.