Kent Anderson: What training programs are out there to help non-security managers understand the importance of information security to our organizations? Anderson: Most of the industry training organizations have ‘Intro to Information Security’ courses but dive into technical details such as Internet protocols and cryptology. There are papers and publications that have been developed to help business managers understand security risks better. The Financial Impact of Cyber Risk: 50 Questions Every CFO Should Ask is a free download; but requires registration;. ISACA’s Information Security Governance: Guidance for Boards of Directors and Executive Management, 2nd Edition.”]
Source: https://www.healthcareinfosecurity.com/blogs/qa-how-to-train-non-security-managers-p-703