What Security Teams Want to Know About Communicating with Execs About Ransomware

Effectively communicating information security issues to executives can be a daunting and difficult task given the highly technical nature of the space and executive audience's level of understanding. However, a growing interest in all things security from executive leadership has resulted in a need for greater visibility into the security function, which requires more frequent interaction between these parties. 

Given its ongoing dominance in news headlines, ransomware resonates with leadership like few other topics in the cybersecurity space - from insights into the team's ransomware prevention strategy to understanding the company's ransomware response plan.

As a result, security leaders and their teams need to know how to effectively communicate with executives about ransomware. Our team of Faculty see this first-hand through our Ask-An-Expert service, where they field questions directly from security teams. 

This piece highlights the all-important element of executive communication on the topic of ransomware. 

Questions From Security Teams on Communicating with Execs About Ransomware 

Here is small a collection of questions security teams posed to our Faculty on the topic of communicating with executives about ransomware. 

• We would like a writeup about a ransomware tabletop exercise that focuses more on executive response than technical details. What should executives focus on? Is it cyber liability?  
• How can we best report to the board and executives about the ransomware protection enhancements being made? 
• Can IANS provide insight into what other companies are doing to prepare for a potential ransomware attack for the purpose of sharing with executives? 
• What are some recommended ways to respond to questions from the board of directors surrounding the potential risk from a ransomware attack? 
• How can we develop a plan and framework for communicating with executives and the board in the event of a major cybersecurity incident like a data breach or ransomware attack? 
  

Guidance for Communicating with Execs About Ransomware 

As part of our Ask-An-Expert service, questions like the above samples are answered by an individual Faculty member with hands-on expertise in the specific topic area via either a phone conversation or detailed write-up. Clients enjoy unlimited, on-demand access to our Faculty, who can assist security leaders and their teams at any point in a given security project, regardless of maturity level. 

Do you have questions about how to effectively explain and communicate the topic of ransomware with executive leadership? Get in touch with IANS to learn more about how our Faculty can serve as a clear-headed resource to help you and your team. 

Find additional IANS resources from our Faculty on the topic of executive communications and presence: 

• How Information Security Leaders Can Engage the Board Effectively 
  
• Reporting on Information Security Metrics That Matter to Executive Leadership
  
• Guidance for CISOs Presenting to the C-Suite
  
• Educating the Board of Directors on Information Security 
  

Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our blog posts, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by individuals or firms in connection with such information, opinions, or advice.