The board of directors has asked for a presentation on the organization's cybersecurity risks. As the Chief Information Security Officer (CISO), what would be the MOST effective way to communicate the current risk landscape to a non-technical audience?