Source: Ten Must-Have CISO Skills – By Darren Death

  • Recommended titles for CISO
  • CISO’s Library
  • CISOs and the Quest for Cybersecurity Metrics Fit for Business


    A CISO should have answers to these questions before meeting with senior management.

    • What are the top risks?
    • Do we have an inventory of critical InfoSec assets?
    • What leading InfoSec standards and regulations apply to us?
    • Are we conducting InfoSec risk assessments?
    • Do we have a risk treatment register?
    • Are we testing controls, including DR/BCP plans?
    • How do we measure compliance with security controls?
    • Do we have a data breach response plan?
    • How often do we conduct InfoSec awareness?
    • Do we need, or have enough, cyber insurance?
    • Is the security budget appropriate to current threats?
    • Do we have visibility into critical networks/systems?
    • Are vendor risks part of our risk register?
