Board

Board Pressure

What happens

The board asks the CISO uncomfortable questions. Often follows a peer-organisation incident, a regulatory development (SEC cyber disclosure), or a new board-level risk-committee mandate.

Buyer-state shift

The CISO needs board-friendly answers and board-friendly metrics. Strategic categories that produce defensible reporting get prioritised over operational tools that produce alerts.

Typical motion

Augmentation at the strategic layer. The CISO is not replacing operational tools; they are adding the reporting and quantification layer above them. Vendors who can package operational data into board-ready output win.

Urgency window

One quarter to align with the next board cycle.

Common mistake

Selling the operational tool when the buyer needs the reporting story. Two adjacent budgets; very different buying motions. The board-driven deal is sold to the CISO but justified to the audit committee.