Archive for the ‘CISO’ Category

ISO 27002 major revision

ISO is shaking up the familiar structure of the ISO 27001/27002 control framework after over 20 years of stability.  Originally published as British Standard BS 7799 Part 1 and 2 in the late 1990s, adopted as the ISO 17799 standard in 2000, and then renumbered as ISO 27001/27002, the name has changed a few times […]

Leave a Comment

With ISO27001 how you should choose the controls needed to manage the risks

Introduction and Background As required by ISO27001 the risks identified in the risk assessment need to be ones that if they happened would result in the loss of Confidentiality Integrity and/or Availability (CIA) of information in the scope of the ISMS. As also required by ISO27001 those controls that are necessary to modify each risk […]

Leave a Comment

Five signs a virtual CISO makes sense for your organization

Here are five signs that a virtual CISO may be right for your organization. 1. You have a lot to protect Companies produce more data than ever, and keeping track of it all is the first step to securing it. A virtual CISO can identify what data needs to be protected and determine the negative […]

Leave a Comment

Boards: 5 Things about Cyber Risk Your CISO Isn’t Telling You

As Jack Jones, co-founder of RiskLens, tells the story, he started down the road to creating the FAIR™ model for cyber risk quantification because of “two questions and two lame answers.” As CISO at Nationwide insurance, he presented his pitch for cybersecurity investment and was asked: “How much risk do we have?” “How much less […]

Leave a Comment

6 free cybersecurity tools CISOs need to know about

6 free cybersecurity tools for 2021 1: Infection Monkey Infection Monkey is an open source Breach and Attack Simulation tool that lets you test the resilience of private and public cloud environments to post-breach attacks and lateral movement, using a range of RCE exploiters. Infection Monkey was created by Israeli cybersecurity firm Guardicore to test its […]

Leave a Comment

Want to become a CISO

CISO role is not only limited to understanding infrastructure, technologies, threat landscape, and business applications but to sway people attitude and influence culture with relevant policies, procedures and compliance enforcement to protect an organization. #CISO #vCISOExplore more on CISO role:

Leave a Comment

Cost Effective Cyber Security

DISC InfoSec provides cost effective Cybersecurity: CISO as a Service (CISOaaS) A Chief Information Security Officer (CISO) is an executive responsible for cybersecurity. Many medium-sized organizations need a CISO but don’t have the budget for one. A Fractional CISO/ vCISO can deliver the value of a full-time CISO without the same level of investment. Why […]

Leave a Comment

Twitter stepped up search to fill top security job ahead of hack

Search for a chief information security officer Twitter Inc had stepped up its search for a chief information security officer in recent weeks, two people familiar with the effort told Reuters, before the breach of high-profile accounts on Wednesday raised alarms about the platform’s security. Twitter said hackers had targeted employees with access to its […]

Leave a Comment

Security executives succeeding in the chaotic coronavirus world

What a crazy world we live in – employees working from home, “dirty” personal devices being used to access corporate data, furloughed employees still maintaining corporate IT assets and access – all while the quantity and variety of cyberattacks and fraud is drastically increasing. Corporate security executives have never had a harder set of challenges […]

Comments (2)

Consider a Virtual CISO to Meet Your Current Cybersecurity Challenges | GRF CPAs & Advisors

By: Melissa Musser, CPA, CITP, CISA, Risk & Advisory Services Principal, and Darren Hulem, IT and Risk Analyst The COVID-19 crisis, with a new reliance on working from home and an overburdened healthcare system, has opened a new door for cybercriminals. New tactics include malicious emails claiming the recipient was exposed COVID-19, to attacks on…Read […]

Leave a Comment

CISO Recruitment: What Are the Hot Skills?

CISO/vCISO Recruitment What are enterprises seeking in their next CISO – a technologist, a business leader or both? Joyce Brocaglia of Alta Associates shares insights on the key qualities What kinds of CISOs are being replaced? Brocaglia says that an inability to scale and a tactical rather than strategic orientation toward their role are two […]

Leave a Comment

Cybersecurity Through the CISO’s Eyes

infographic via Rafeeq Rehman PERSPECTIVES ON A ROLE Cybersecurity Through the CISO’s Eyes Cybersecurity CISO Secrets with Accenture and ISACA Cybersecurity Talk with Gary Hayslip: Aspiring Chief Information Security Officer? Here are the tips So you want to be a CISO, an approach for success By Gary Hayslip Enter your email address: Delivered by FeedBurner

Leave a Comment

CISO or vCISO? The Benefits of a Contractor C-level Security Role

Read how a virtual chief information security officer (vCISO) can help you uplift a struggling information security program. Source: CISO or vCISO? The Benefits of a Contractor C-level Security Role Webinar: vCISO vs CISO – Which is the right path for you? CISO as a Service or Virtual CISO The Benefits of a vCISO Subscribe […]

Leave a Comment

The Adventures of CISO

The Adventures of CISO Ed & Co. 7 Types of Experiences Every Security Pro Should Have Ten Must-Have CISO Skills What CISO does for a living CISOs and the Quest for Cybersecurity Metrics Fit for Business CISO’s Library Subscribe to DISC InfoSec blog by Email

Leave a Comment

7 Types of Experiences Every Security Pro Should Have

As the saying goes, experience is the best teacher. It’ll also make you a better and more well-rounded security pro. Source: 7 Types of Experiences Every Security Pro Should Have InfoSec Jobs  Subscribe in a reader

Comments (1)

Ten Must-Have CISO Skills

Source: Ten Must-Have CISO Skills – By Darren Death Recommended titles for CISO CISO’s Library CISOs and the Quest for Cybersecurity Metrics Fit for Business     CISO should have answers to these questions before meeting with the senior management. What are the top risks Do we have inventory of critical InfoSec assets What leading […]

Comments (1)

What CISO does for a living

What CISO does for a living by Louis Botha It’s based on the CISO mindmap by Rafeeq Rehman, updated for 2018 and adding the less technical competencies Download of What CISO does for a living (pdf) CISO MindMap 2018 – What Do InfoSec Professionals Really Do?   Recommended titles for CISO CISO’s Library CISOs and […]

Comments (1)

CISOs and the Quest for Cybersecurity Metrics Fit for Business

By Kevin Townsend Never-ending breaches, ever-increasing regulations, and the potential effect of brand damage on profits has made cybersecurity a mainstream board-level issue. It has never been more important for cybersecurity controls and processes to be in line with business priorities. A recent survey by security firm Varonis highlights that business and security are not fully aligned; […]

Comments (2)

CISO’s Library

CISO’s personal library on managing risk for their organization.

Comments (3)