How to Get Boards to Prioritize Cyber Risk Quantification

https://www.infosecurity-magazine.com/news/infosecurity-europe-board-cyber/

Publish Date: 2026-06-03 06:10:00

Source Domain: www.infosecurity-magazine.com

One of the best ways to advise boards on cybersecurity risks is to focus on money and how a smart approach to cyber risk management can be a strong long-term investment for the organization, according to a panel of security leaders at Infosecurity Europe 2026.

Cyber exposure can be difficult to measure. However, the best way to get support from the board is to use Cyber Risk Quantification (CRQ) and data to showcase cybersecurity threats and vulnerabilities, the most important cybersecurity issues to focus on and what the financial cost of a cyber attack could be to the organization.

Multinational oil and gas company BP has been using risk management across the business for decades, but in recent years, it has started applying the practice to cybersecurity.

Vital to this strategy, James Russell, digital risk management lead at BP, said during a fireside chat on the Infosecurity Europe Deep Dive Stage, is to ensure that the data that is produced and what it means can be easily understood by managers.

“It’s something that needs to connect outside of security. But communicating cyber risk, how do you make it meaningful to business leaders?” said Russell. The answer, he continued, is to quantify it around the costs of not properly managing the risk.

Why Businesses Should Measure Risk Using Dollar Value

BP’s Russell said, “Quantifying risk with a dollar value makes it more meaningful, especially when you have a large organization. Measuring risk can be complex, but dollar value is something everyone understands.”

Silas Bartlett, managing director for cybersecurity at NatWest Group, agreed that getting board buy-in was vital for any organization looking to quantify cybersecurity risk – and it was with this in mind that the bank set out its plans to do so.

“We were having internal discussion on how to improve board reporting,” he explained during the fireside chat. “There is enough data out there that with enough modelling we can…
