Patrick Whelan, CISA, Konica Minolta – When I was consulting I knew the best relationships I had because they would call me at any hour with random questions where they needed an immediate response. They valued the opinion and the intellectual capital supporting it. They were not embarrassed to ask and were always curious to learn. With this type of working relationship the client contact was comfortable putting me in front of the board of directors, because they were confident that I would interact with the board in the same capacity that they would.
Financial institutions’ board members and executive management teams have a responsibility in protecting their client’s customer non-public personal information. Although there are varying degrees of knowledge sitting around the table, information security controls and governance are typically not the resounding skillset. Having a vISO with an ability to interface with these key team members is crucial. The ability to educate and answer difficult questions in a manner that makes sense, even if the audience is not overly technical, is essential to the ISO role. Having a strong, stable, transparent relationship is not only valued, it is mission critical when you work with a vISO.