To anyone in the cyber security world, this report is not news. However to businesses and governments without deep knowledge of cyber crime, it should be a wake up call. Talking with CISOs, I still find that they struggle to make their voices heard at  board level. What will it take for a CISO to join the 'C-suite'?