Use demonstrations to show threats in action. This provides clarity and helps build trust, moving beyond “just trust me on this” to show real-time examples of our efforts. “In a recent board update, I used demos to show the ease of use of toolkits favored by adversaries and showcased the before-and-after effects of implementing specific security controls.”
Finally, Jenkins also makes a point of highlighting how security is also a driver of innovation. “I emphasize how security enables innovation by providing guardrails, which serves as a nice complement to the more defensive aspects of our work.”
Shifting away from purely committee reporting isn’t just a tactical move. It reflects the growing need to have CISOs provide input into many business initiatives. Jenkins believes CISOs can offer valuable input into AI adoption, operational resilience, technology modernization, data and digital transformation, mergers and acquisitions, supplier and procurement strategies, and geopolitical risk management.
