Secure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and Compliance

What Should the Board Ask the CISO? | Interview with Clar Rosso

10 snips

Feb 10, 2026

Clar Rosso, experienced cybersecurity leader and former (ISC)2 CEO now running Rosso Strategic Advisors, explains board-level cyber oversight and digital resilience. She discusses how AI raised board attention, why resilience matters more than just defense, and which high-level metrics and controls boards should focus on. Short, business-focused guidance on aligning cybersecurity with strategic goals.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

INSIGHT

AI Catalyzes Board Attention To Cyber

AI raised board awareness that cybersecurity and technology governance are integral business issues.
Clar Rosso says AI's data reliance forces boards to improve digital oversight to protect strategic goals.

ADVICE

Start With Resilience, Not Just Defense

Do shift board conversations from pure prevention to digital resilience and incident response.
Clar Rosso recommends tabletop exercises so board members learn by doing and see business impact.

ADVICE

Translate Cyber To Business Outcomes

Do speak the language of business and map cybersecurity to strategic objectives.
Clar Rosso urges CISOs to explain how security accelerates goals or what risks block them.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

In this episode, Dejan Kosutic talks with Clar Rosso, CEO of Rosso Strategic Advisors, board member of Excelsior University, and the former CEO of ISC2, about the evolving role of boards for cybersecurity. They discuss the increasing importance of cyber governance, the impact of AI, the concept of digital resilience, and the interaction between cybersecurity professionals and boards of directors. Claire shares her insights on how to better integrate cybersecurity into business operations and enhance board members' understanding. Tune in to learn how a strong cyber posture can help businesses achieve their strategic goals and mitigate risks.

Links from the episode:
- Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
- White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
- Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
- Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
- Beginner's Course for ISO, Cybersecurity, and AI Consultants: https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t
- How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining

(00:00) - Interview with Clar Rosso
(00:21) - Introducing Today's Guest: Clar Rosso
(01:18) - Cybersecurity as a Business Issue
(03:54) - Board Members' Role in Cybersecurity
(05:19) - Cyber Resilience vs. Cyber Defense
(07:59) - Cybersecurity's Role in Business Growth
(09:13) - Effective Communication with the Board
(19:56) - Compliance and Risk Management
(25:00) - The Future of Cybersecurity Audits
(31:19) - Board's Role During a Cyber Breach
(35:44) - Resources for Consultants and Cybersecurity Professionals