Conclusion: The role of a cyber security executive is challenging at the best of times, as they need to continually strike a balance between informing and influencing, without continually alarming. But the context surrounding why an organisation creates a cyber security executive role is critical to the success of cyber risk management. Executive level commitment is required continually to ensure that the cyber security executive’s message and mandate are understood by all. Ultimately, a neutered cyber security executive will result in a fragile organisation with excessive, inappropriate, or inadequate controls. Organisations with controls that are mismatched to their objectives will be easy pickings for both attackers and regulators.

Existing Client Login



This advisory paper is only available to IBRS advisory clients. To find out more about becoming an IBRS advisory client complete the attached form and we will be in touch.

Please let us know your name.
Please let us know your email address.
Please enter a valid phone number
Invalid Input
Invalid Input

Read more ...



James Turner

About The Advisor

James Turner

James Turner is an IBRS emeritus Advisor who specialised in cyber security and risk and facilitates the CIO Cyber and Risk Network on behalf of IBRS. James has over a decade of experience as an industry analyst and advisor; researching the cyber security industry in Australia. As an IBRS Advisor, James authored over 100 IBRS Advisory papers, led dozens of executive roundtables, and presented at numerous conferences.