1st Edition
The Shortest Hour An Applied Approach to Boardroom Governance of Cyber Security
Preface
Introduction
SECTION ONE. Enhancing Board Oversight
1. The threat landscape
2. The chief information security officer role
3. Security vs. compliance
4. Examining the information security board governance structure
5. Information security assessment
6. The strategic plan
7. The importance of execution
8. Financing cyber security
9. The role of security vendors and consultants
10. Security service management
11. A vision for cyber security board governance
SECTION TWO. Cyber security overview
12. Security operations
13. Incident response
14. Security awareness
15. Policy management
16. Risk management
17. The path ahead
Appendix: Cyber security inquiry checklist
Index
Biography
Lee Parrish is an award-winning technology executive with over two decades of unique experience in blending cybersecurity expertise with essential business competencies. As a Chief Information Security Officer, he has built customized cybersecurity strategies for global Fortune 500 corporations and has led real-world incident responses to cyber events. Lee has served as a trusted advisor on cybersecurity to multiple boards consisting of Chief Executive Officers, a former White House Chief of Staff, retired high-ranking military officers and a former U.S. Presidential candidate.
Lee possesses two graduate degrees and is certified as both a Boardroom Qualified Technology Expert as well as a Certified Information Systems Security Professional. He has published numerous articles in industry journals, contributed to a best-selling information security book, and authored a children’s book on cybersecurity. He is a frequent speaker at international security conferences and a guest on various podcasts.
Lee is a combat veteran of the United States Marine Corps.
It is not a secret that Boards typically do not understand cybersecurity and threat landscape (hopefully I will be forgiven by various Board members reading these lines). It is also not a secret that CISOs more often than not have significant challenges getting their message across to the Board members.
This book is targeting closure of this gap by both educating Board members by helping them to understand CISO role and cybersecurity threats and by guiding CISOs on how to package and deliver messages to Boards.
Significant value of the book is in the clear callout the differences between compliance (notion well understood by Board members) and security (notion not so well understood by Board members).
This book is highly recommended to all CISOs and all Board members who take their Board roles seriously.
Dr. Vladas Leonas, Adjunct Professor at the Australian Graduate School of Leadership (and a career CIO).
Cyber security is no longer a niche technical topic—it’s a strategic imperative for every boardroom. In The Shortest Hour, Lee Parrish delivers a masterclass in bridging the gap between cyber risk and corporate governance. Drawing on decades of experience as a CISO and advisor to global boards, Parrish provides a roadmap for directors to enhance oversight without getting lost in technical complexity. His narrative style makes complex concepts approachable, while his emphasis on practical execution ensures readers walk away with actionable strategies.
From clarifying the role of the CISO to exploring committee structures and incident response planning, this book covers the full spectrum of board-level responsibilities. Parrish’s insights on emerging regulations and the future of cyber governance are particularly valuable for directors preparing for heightened disclosure requirements. If you’re a board member, executive, or aspiring CISO, The Shortest Hour is a must-read for building resilience and safeguarding shareholder value.
Gary Craven, P.Ag., FCMC, ITCP, Partner, Paradigm Consulting Group
