{
  "docId": "019dd923-5de0-76bd-a169-54303fbbe19b",
  "docSlug": "0ec770bd87313ce8",
  "documentTitle": "The CEO’s Guide to Cybersecurity",
  "authorId": "BCG",
  "authorName": null,
  "documentKindSlug": "consulting-deck",
  "documentKindLabel": "Consulting deck",
  "sourceTypeSlug": "strategy_consulting",
  "sourceTypeLabel": "Strategy consulting",
  "presentationDate": null,
  "orientation": "portrait",
  "aspectRatio": 0.784,
  "pageNumber": 7,
  "pageCount": 15,
  "prevPage": 6,
  "nextPage": 8,
  "slideType": "other",
  "function": "frame_problem",
  "density": "dense",
  "nDataPoints": 0,
  "notes": "This slide is part of a series of diagnostic questions, likely for a board or executive leadership team.",
  "elementsJson": [
    "headline_text",
    "paragraph",
    "numbered_list"
  ],
  "metadataConfidence": 0.9,
  "imagePath": null,
  "slideHref": "/slides/019dd923-5de0-76bd-a169-54303fbbe19b/7",
  "deckHref": "/decks/019dd923-5de0-76bd-a169-54303fbbe19b",
  "deckJsonHref": "/decks/019dd923-5de0-76bd-a169-54303fbbe19b.json",
  "deckAnchorHref": "/decks/019dd923-5de0-76bd-a169-54303fbbe19b#slide-7",
  "components": [
    {
      "bbox": {
        "h": 0.02,
        "w": 0.15,
        "x": 0.36,
        "y": 0.47
      },
      "kind": "callout",
      "text": "FOLLOW-UP QUESTION",
      "attrs": null,
      "subkind": "primary",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "cc16ca2c-9356-4376-a5bc-9cd95bb7218c",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": null,
      "kind": "callout",
      "text": "The goal is to unlock their deep understanding and knowledge of your environment—and what keeps them up at night.",
      "attrs": null,
      "subkind": null,
      "toolName": "Visual emphasis",
      "toolSlug": "visual-emphasis",
      "confidence": null,
      "componentId": "019dd951-fefa-773b-abc8-2423b85538b1",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.05,
        "w": 0.5,
        "x": 0.36,
        "y": 0.5
      },
      "kind": "list",
      "text": "What are the top three technology-related issues that could put us out of business today?",
      "attrs": null,
      "subkind": "bullet",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "2d209030-3513-4729-8f9b-17f9a0988489",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.25,
        "w": 0.72,
        "x": 0.14,
        "y": 0.27
      },
      "kind": "paragraph",
      "text": "Answers to this can be very enlightening. It is rare that technology leaders don't know of weaknesses within their environment that could be leveraged to harm the organization. They often will not share this information unless asked specifically. Asking what they know, rather than what they want to share, often leads to more open-ended and transparent answers. If you asked a narrow question designed to limit potential answers, you will get limited, less candid answers. The goal is to unlock their deep understanding and knowledge of your environment—and what keeps them up at night.\n\nKnowing what your technology team thinks is a critical factor in understanding your risk. Are they equipped to make necessary decisions in a vacuum, or should they be made with support from higher-level leadership? Even CIOs may often have a more myopic view of some issues that could benefit from a wider discussion of company risk exposure and tolerance levels.",
      "attrs": null,
      "subkind": "paragraph",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "afcacf62-f8cd-475f-91a6-145cda703cff",
      "frameworkName": null,
      "frameworkSlug": null
    },
    {
      "bbox": {
        "h": 0.12,
        "w": 0.72,
        "x": 0.14,
        "y": 0.14
      },
      "kind": "title",
      "text": "How would you attempt to attack us, infect our systems with ransomware, steal our data, and otherwise cause us potentially severe disruption and losses?",
      "attrs": null,
      "subkind": "headline",
      "toolName": null,
      "toolSlug": null,
      "confidence": null,
      "componentId": "3edef029-3025-4b0a-8455-b992edeb3635",
      "frameworkName": null,
      "frameworkSlug": null
    }
  ],
  "metrics": [],
  "tools": [
    {
      "name": "Action Titles",
      "slug": "action-titles",
      "agent": "Architect",
      "layer": "slide",
      "matchId": "019dd95a-14f6-720d-8375-4e909ed2c618",
      "evidence": "Title is the long question about attack scenarios",
      "confidence": 80
    },
    {
      "name": "Concrete Language",
      "slug": "concrete-language",
      "agent": "Storyteller",
      "layer": "slide",
      "matchId": "019dd95a-14f6-720d-8375-53474b31ba42",
      "evidence": "Names specific threats: ransomware, data theft, severe disruption and losses",
      "confidence": 70
    }
  ],
  "frameworks": [],
  "arcBeats": [
    {
      "to": 9,
      "from": 4,
      "beatId": "019dd95a-0702-74a3-87e1-68abc4f9b35a",
      "arcName": "The Consultant's Gambit",
      "arcSlug": "consultants-gambit",
      "beatName": "Problem & Complication",
      "beatSlug": "consultants-gambit-problem-complication",
      "evidence": "Questions 1-6 enumerate exposure: assets, education, strategy, attack vectors, recovery, prevention",
      "position": 2,
      "confidence": 55,
      "parentBeatName": "Complication",
      "parentBeatSlug": "complication"
    }
  ],
  "loops": [
    {
      "to": 9,
      "from": 3,
      "name": "Mece Breakdown",
      "slug": "40-mece-breakdown",
      "bestFor": "Problem structuring, ensuring completeness, strategic analysis",
      "matchId": "019dd95a-088c-724c-b30d-fd91b0cb420d",
      "evidence": "Intro frames the question set, then six distinct, non-overlapping diagnostic questions (assets, training, strategy, attack vectors, recovery, prevention)",
      "position": 1,
      "objective": "Enumerate the foundational cybersecurity readiness questions a CEO must diagnose",
      "structure": "The Whole -> Category A (distinct) -> Category B (distinct) -> Category C (distinct) -> Complete Coverage",
      "confidence": 70,
      "description": "Divide a complex topic into mutually exclusive, collectively exhaustive categories"
    }
  ],
  "imagePathAlt": null,
  "thumbSrc": null,
  "thumbSrcAlt": null,
  "locked": true
}