Cybersecurity leaders are being judged less by the controls that they are implementing and more by the manner in which they explain decisions, trade-offs and outcomes to business leaders with clarity.