The CISO is the subject-matter expert in understanding the standard set of active cyber risks, benchmarking to what degree the organization’s exposure influences potential impact. They then take appropriate steps to ensure the major risks are addressed. The key to unleashing resources is in turning this knowledge into action which lies in the management’s hands. The ultimate ‘Security for Management’ PPT template follows the commonly accepted NIST Cyber Security Framework as an overall outline and includes open sections to be completed with respect to each organization’s unique security state.
Source: https://thehackernews.com/2020/01/cybersecurity-management.html