Key survey findings include:
- Only 38% of non-executive respondents use business-oriented language when communicating with senior executives
- 48% of non-executive respondents believe it is somewhat or very difficult to discuss information security with senior management
- 78% of executive respondents and 85% of non-executive respondents ranked risk management as the highest among key issues they need to communicate with executive leadership about.
The bad news is most IT security professionals haven’t developed the necessary skills to communicate effectively with non-technical executives.
Melancon continued: “IT security professionals tend to focus on granular, technical information, but senior leadership wants to focus on how security can protect business goals like revenue growth, profit, competitive agility and customer satisfaction. This ability to communicate the value of information security in terms easily understood by the rest of the business is a critical skill for career success in IT security. Connecting security to the business is destined to become the new normal.”