Devin Rudnicki, CISO at Fitch Group, emphasizes that security goals should be aligned with business outcomes rather than focused solely on controls, advocating for strategies anchored in corporate objectives, real cyber threats, and industry standards. She highlights three key metrics for security programs—value, risk, and maturity—and stresses the importance of presenting risk in actionable terms for leadership, balancing innovation speed with measured risk, and using automation to free human resources for higher-value work.
https://www.helpnetsecurity.com/2026/03/18/devin-rudnicki-fitch-group-ciso-business-alignment/