ForgeAwareness

Executive & Board Cyber Briefing Kit

A polished 15-minute board cyber briefing with everything the CISO needs to deliver it without writing from scratch every quarter. Slides, speaker notes, pre-read, Q&A prep, materiality worksheet, tabletop prompts, and an emergency briefing template.


Audience: CISO (presenter) + the board, audit committee, and C-suite (audience)
Format: 15-minute briefing (with optional 30-min deep dive)
Cadence: Quarterly minimum; emergency briefing format included


What this kit is — and what it isn't

It is: A polished, opinionated 15-minute board cyber briefing with everything the CISO needs to deliver it without writing it from scratch every quarter. Slides, speaker notes, pre-read, Q&A prep, materiality worksheet, tabletop prompts.

It isn't: Generic "cyber awareness for executives" training. The board doesn't need a course; they need a briefing that frames decisions they have to make.

The CISO is the one taking this training (in the sense of using the kit). The board is the audience. Different design constraint than every other training in the catalog.


What's in the kit

| File | Purpose | Time |
|---|---|---|
| 01-Board-Briefing-Deck.html | The actual 15-minute deck. Project or share screen. Print as PDF. | 15 min |
| 02-CISO-Speaker-Notes.md | Slide-by-slide what to say, what to skip, what to elaborate on if asked | 30 min prep |
| 03-Board-Pre-Read-One-Pager.html | Single-page brief board members read before the meeting | 5 min read |
| 04-Q-And-A-Prep.md | 24 questions boards actually ask + recommended CISO answers | 30 min prep |
| 05-Quarterly-Refresh-Playbook.md | How to keep the briefing current; includes SEC 4-day materiality worksheet | 15 min/qtr |
| 06-Tabletop-Discussion-Prompts.md | 4 scenarios for cyber resilience exercises with the board | 30–60 min |
| 07-Emergency-Briefing-Template.md | What to do when you need to brief the board within 24 hours of an incident | as needed |

How to use it

First-time setup (60 min)

  1. Read 02-CISO-Speaker-Notes.md end-to-end. The deck is opinionated; if you disagree with any framing, edit it before delivering.
  2. Fill in the brackets. Anywhere you see [YOUR COMPANY], [YOUR INDUSTRY], [YOUR TOOLS], [YOUR FRAMEWORK] — replace with your specifics. This is faster than tokenization because the substitutions are board-specific, not company-wide.
  3. Customize 3 slides that need company specifics: Risk Posture (slide 4), What's Working (slide 12), Asks (slide 13). The rest is largely universal.
  4. Send the pre-read (03-Board-Pre-Read-One-Pager.html) 48–72 hours before the meeting. Boards skim it on the plane.

Each quarter (15 min)

Follow 05-Quarterly-Refresh-Playbook.md. It's a 15-minute checklist that keeps the briefing current without rewriting it.

Emergency briefing (when an incident hits)

Use 07-Emergency-Briefing-Template.md. Designed to be filled out in 30 minutes when you need to brief leadership within 24 hours of detecting a material event.


The voice of this kit

Boards are sophisticated audiences. They are NOT served by:

  • "Cybersecurity 101" framing
  • Acronym soup (CVE, KEV, MITRE ATT&CK — replace with plain English unless the board has a cyber background)
  • Apocalyptic framing ("breach = company-ending event")
  • False precision ("82.4% of attacks…")

Boards ARE served by:

  • Clear decisions framed in business terms
  • Honest acknowledgment of what you don't know
  • Direct asks (investment, risk acceptances, policy approvals)
  • Real cases that are recognizable (Equifax, Target, SolarWinds, MOVEit, Change Healthcare, MGM, Snowflake-customer breaches, the Hong Kong $25M deepfake)
  • Outcomes-focused metrics (downtime avoided, real-money risk avoided, regulatory exposure managed)

Read the speaker notes before you decide whether to use this kit. If the voice doesn't match yours, change it.


What's intentionally not in this kit

  • Deep technical content. This is a briefing, not training. Use the rest of the ForgeAwareness catalog for technical training.
  • Industry-specific compliance details. Each board's regulatory exposure differs. See 04-Q-And-A-Prep.md for how to frame the regulatory section to your industry.
  • Numbers from your environment. Every metric is templated; you fill in the real numbers from your security telemetry. Do not deliver this briefing with placeholder numbers in it.

Licensing

Single-organization license. Customize freely. Brand it as the CISO's own deck. Do not redistribute externally. Includes quarterly refresh updates for one year.