Boards Scouring for Cyber-Tech Expert ‘Combinations’
In King’s view, CISOs shouldn’t be on boards. Their role is to create and oversee all security policies and strategies. The best board members with cyber expertise are on the “offensive revenue-generating side,” he says, and those executives include general managers, COOs and CEOs who understand how cyber impacts the overall business — not the CISOs who set security strategy. “There’s a difference between speaking technically and speaking business,” King says. “That doesn’t mean CISOs don’t speak business, per se, but they don’t have a P&L to run.”