Business Security Weekly (Audio)

Say Easy, Do Hard - Defining Objectives and Key Results Aligned to Business Goals - BSW #393

Apr 30, 2025
Summer Fowler, CISO at Torque Robotics, shares her expertise in aligning cybersecurity with business goals. She discusses the complexity behind the phrase 'say easy, do hard,' emphasizing the challenges of implementing effective Objectives and Key Results (OKRs) in cybersecurity. The conversation tackles the importance of transparency and collaboration in managing risks while aligning security measures with organizational objectives. With insights from her teaching experience, Fowler highlights the necessity of clear communication and the role of leadership in fostering a risk-aware culture.
ADVICE

Align Metrics to Business Goals

  • Align security metrics to shared business goals to show value across the organization.
  • This shared alignment helps communicate that security supports overall business success.
INSIGHT

Normalizing Cyber and Enterprise Risks

  • Integrating enterprise risk and cybersecurity risk is difficult due to differing measurement methods.
  • Using risk and control maturity together improves normalization of diverse risks.
ADVICE

Realistic Risk Prioritization

  • Prioritize risks for objectives based on their risk level and the organization's capacity to address them.
  • Set realistic targets for risk reduction in OKRs reflecting resource availability.