You need to brief a non-technical executive on a security issue that could affect a business-critical initiative. The concept is technically nuanced, but the executive mainly cares about business risk, customer impact, regulatory exposure, and what decision is needed.
Describe a situation where you had to explain a complex security concept to a non-technical executive. How did you make it clear, credible, and actionable?