How to Speak Board: A Primer for CISOs

By Kirsty Paine

Boards come in different sizes, and their members from varied backgrounds.

There’s no “one-size-fits-all” approach for CISOs wondering how to navigate board relationships effectively. But LaLisha Hurt, a three-time CISO and currently a public sector industry advisor at Splunk, has some pointers. With her extensive experience communicating with a board of directors during her previous tenures at Capital One, GDIT, and General Electric, she is well-equipped to offer valuable insights.

She emphasizes the need to speak their language, which involves understanding each member’s background and their unique concerns. This empathetic approach not only helps a CISO gauge their cybersecurity knowledge but also explain how security risks are business risks. “Present security as a business enabler and not a cost center,” Hurt advises; she also recommends interjecting dollars and numbers wherever possible to describe the impact.

My entire conversation with LaLisha Hurt is a treasure trove of insights on how to navigate board relationships as a CISO. Don't miss out on these valuable perspectives. And for more thought-provoking discussions from security, IT, and engineering leaders delivered straight to your inbox, sign up for our monthly newsletter.

Kirsty Paine

Kirsty Paine (she/her) is a Strategic Advisor in Technology and Innovation for Splunk’s EMEA region, where she provides technical thought leadership for strategic accounts. As an experienced technologist, strategist and security specialist, she thrives on understanding difficult problems and finding creative solutions. Her long-standing mantra, after nearly a decade working in cyber security, is simple and straightforward: "Make Good Choices".

Kirsty's background in cyber security stems from her mathematical roots, built on by her time working for the UK National Cyber Security Centre, where she spent years specialising in security, privacy and internet technologies. There, she often joked that her job was to look after two simple things: the security of 1) the internet and 2) all of its things. This role required a lot of technical strategy, coupled with international engagement across industry, and quite a lot of patience.

When not finding or fixing problems, Kirsty can usually be found in the gym or surrounded by sushi (making it, eating it, or both).

CISO Circle 6 Min Read

The AI Genie is Out of the Bottle. Now What?

AI is transforming software development, security, and decision-making—but at what cost?

CISO Circle 3 Min Read

How Cybersecurity Leaders Can Advance From Firefighting To Innovating

Want to innovate with AI? Start by locking down your cyber hygiene

CISO Circle 3 Min Read

The Divide Between AI Anxiety and Reality

AI may be the boogeyman in cybersecurity, but the real monsters are the old threats we already know—just with a new AI twist.

About Splunk

The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.

Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.

Learn more about Splunk