Junaideen, A. & Korba, C. (2019). Communicating the value of cybersecurity to boards and leadership. Deloitte & Touche. This document is important because it addresses some very important things to remember when addressing the board and executive leadership on the topic of cybersecurity. Although it's geared towards life sciences and health care organizations, the lessons are agnostic of industry.
Menon, N. M., & Siponen, M. T. (2020). Executives' Commitment to Information Security : Interaction between the Preferred Subordinate Influence Approach (PSIA) and Proposal Characteristics. ACM SIGMIS Database: The DATABASE for Advances in Information Systems, 51(2), 36–53. https://doi.org/10.1145/3400043.3400047 This document presents interesting recent research around how executives like to be approached with cyber risk issues.
Atkinson, C. (2018, March). Beyond bullet points: Using PowerPoint to tell a compelling story that gets results, Fourth Edition. Microsoft Press. Read Chapter 9: Delivering Your Visual Story
This chapter provides the steps to delivering a dynamic presentation to a designated audience.
Wiedemann, P., Boerner, F. U., & Freudenstein, F. (2021). Effects of communicating uncertainty descriptions in hazard identification, risk characterization, and risk protection. PLoS ONE, 16(7), 1–18. This journal article emphasizes the importance of communication in risk assessment. Performative goals for uncertainty communication and explaining uncertainty about the adequacy of risk protection are explored.
Nurse, J. R. C., Creese, S., Goldsmith, M., & Lamberts, K. (2011). Trustworthy and effective communication of cybersecurity risks: A review. 2011 1st Workshop on Socio-Technical Aspects in Security and Trust (STAST), Socio-Technical Aspects in Security and Trust (STAST), 2011 1st Workshop On, 60–68. Although this research is a bit older, it is a well-done review paper on effective cyber risk communication methods.