A series of workshops with information security leaders from well-known organizations at the NG Security U.S. Summit in December 2014 uncovered valuable insights that can help chief information security officers drive a self-improvement agenda for their enterprise security teams in the year ahead. The business value of information security is always expressed in one of four high-level categories: enablement, risk, compliance and cost. Security professionals are very good at communicating the things that are important but not necessarily strategic (enablement and risk) Security leaders need to communicate more effectively about things that matter most.”]
Source: https://securityintelligence.com/self-improvement-agenda-for-cisos-what-is-top-of-mind-for-2015/