How Do You Unite IT With Compliance, CISO, And DPO So The Board/Decision-makers Will Approve Your Proposals?​

Posted on by Eli Migdal

How Do You Unite IT With Compliance, CISO, And DPO So The Board/Decision-makers Will Approve Your Proposals?

*This post originally appeared on LinkedIn by Co-Founder Eli Migdal here

The cycle of quick decision making in cyber security, can be quick! But it relies on one thing:

 

Aligning all 4 roles with the same goal and ‘How to achieve it’.

 

In most cases, decision-makers will quickly approve your request for a budget, product… anything you need to keep the company secure and growing if everyone is on the same page.

 

From my personal experience the CISO, IT, DPO and Compliance usually want the same thing at a hugely Macro level but every one of them has a VERY different path.

 

Which in a nutshell usually looks something like this:

1. DPO and Compliance will work as BFF’s (Best friends forever 🙂 ).

2. IT and CISO will constantly have challenges mainly on priorities and timelines.

 

But, a Smart CISO will utilize Compliance and the DPO to get what they want. Whilst a smart IT manager will utilize the CISO and DPO to get all their infrastructure requirements.

 

As a Cyber Security External Consultant, I usually take a more pro-active approach, I need to quickly understand what is the biggest threat that can unite them all.

 

For example, when I engage in a cyber security project, the first thing that I do is “gather all of them around the biggest threat.” In recent years the common threat is usually a “Data Breach” (APT, Insider threat, or others). A data breach is a risk that first hurts the entire company but then also hurts each of the above roles specifically.

 

The best way, from my experience, to gather and unite them is by showing them the HUGE number, and proper figures that the Threat actually puts the company at risk of losing.

 

For example, I noticed in several companies that most of the key players were not aware that a Data Breach has a 

Total Threat Loss figure in the hundreds of millions.

 

Each of them only sees the impact on their department and not the total impact on the entire organization. A good example is the Compliance Officer and DPO’s seeing the regulation fine impact but not fully seeing the Salary loss and Sales Loss impacts.

 

So my approach is always, unite the team behind the biggest Threat, and then we prioritize all the tasks on how to mitigate the biggest common threat.

 

Then you can approach the board united and get quick approvals.

 

Find out your biggest threat to unite them using boardish.io

Categories

Tags

Boardish Boardish and Power BI Boardish interview Board Proposal Advice Budgeting Business Budget CISO CISO Leadership CISO Retention Covid-19 CTOs Cyber budget approvals Cyber professionals Cyber Risk Cyber Risk Quantification Cyber Sales Cyber Sales Framework Cyber Sales Process cybersecurity cybersecurity ROI CybersecurityROI Cybersecurity Cyber Threat Decision-making Interview IT Budget IT Budget Approvals IT Budgeting IT Proposal Ideas ITproposalideas #WinningITProposals #ITManagers #CTOs IT Proposals Microsoft's Power BI Integration news News Announcement partners partnerships Power BI quantify Risk Management Sales Vendors Sell Networking Equipment Sell Tech Solutions service partners tech proposals Threat Quantification Threat Quantification Case Study
Eli Migdal

Eli Migdal

IT and cyber expert Eli has helped countless businesses of all sizes advance their IT solutions. With high profile clients across Israel and Europe he has had to get many IT budgets approved throughout his career and fully understands the challenges this creates for IT managers, CTO’s, CIO’s, and CISO’s.
See More Posts

Quicker IT & CYBER Budget Approvals

When technology meets 'bottom line'. There's Boardish.

Test for yourself for free

Get the pragmatic guide to cyber risk quantification

THE PRACTICAL WAY OF TURNING IT AND CYBER THREATS AND SOLUTIONS INTO FINANCIAL FIGURES FOR FASTER DECISION-MAKING.