Reputational Risk in the Digital Age: 5 Considerations for CISOs


2 minute read | January.15.2025

Chief Information Security Officers can navigate cybersecurity threats most effectively if they have strong relationships with key stakeholders, such as communication and legal teams.

They also should align business objectives with reputational and operational strategies, said David Chamberlin, managing director of Orrick’s Strategic Communications Advisory Team.

He discussed the CISO’s evolving role and the importance of the CISO as a trusted business advisor in a recent discussion with David Malicoat on The Professional CISO podcast.

Key Takeaways:

1. The CISO should be an expert in business as well as technology.
This involves understanding the broader business implications of cybersecurity incidents and learning to effectively communicate these to stakeholders.

2. Effective communication is crucial for CISOs, especially during crises.
The CISO should cultivate strong relationships with legal, marketing and communications teams to manage expectations and maintain trust with stakeholders.

3. CISOs must navigate legal liabilities and reputational risks.
CISOs should align business strategies with communication tactics to address these challenges.

4. Trust is a key component of a CISO’s role.
CISOs should be transparent and truthful in their communications to build and maintain trust.

5. Cybersecurity practices should algin with a company’s mission, vision and values.
This can help ensure that actions taken during a crisis are consistent with the company’s overall objectives and stakeholder expectations.

Listen to the podcast on Apple, Spotify or YouTube.