Jerry π¦ππ¦I get to speak to a masters in cyber security class at a major university on Monday. They are learning about interacting with senior leadership/BoD on topics of cyber risk. I have many stories to share with them, but curious if yβall have any ideas on what you thank that group should know
Pesky Warlock@jerry Also, it absolutely has to be established that Infosec runs the investigation, and can be allowed to turn things off. I once ran an incident communications workshop where the PR dept. said flatly: we will be running the investigation, as if they knew anything about systems. They wanted to govern the story completely.