The Chief Information Security Officer: Insights, tools and survival skills
By Barry Kouns and Jake Kouns
About this ebook
The serious and ever-changing nature of today’s security threats demands a strategic-minded response, and a successful CISO will always be thinking about how to achieve business objectives through enabling technology while properly managing risk.
This pocket guide emphasises the importance of a suitable information security management system (ISMS) and the risk management methodology that should be at its heart.
Barry Kouns
Barry Kouns is a security and risk management expert with over 25 years of experience in information security consulting, risk assessment and quality management. Barry formed and operates SQM-Advisors, an information security, risk assessment and IT service management firm that has led eight organisations to ISO/IEC 27001:2005 certification. He is frequently quoted in magazines and news articles on information security and has held the position of Trainer for the British Standards Institute (BSI). He holds a BS in Statistics and an MS in Industrial Engineering Management. Barry has earned the CISSP designation, is a trained ISO/IEC 27001 Lead Auditor and ISMS Implementer, and is ITIL Foundation certified.
Resources
INTRODUCTION
This book is divided into eight chapters designed to introduce you to the CISO position by discussing the tools used by the most effective CISOs and how current CISOs can grow with the challenges of the position. A brief description of each chapter follows:
Chapter 1 The nature of the CISO role: The CISO is bombarded with new issues on a daily basis, making it one of the most challenging positions in organizations today. CISOs find themselves held responsible for the protection of the organization’s information, but often reporting to the CIO who is rewarded for making the organization’s information more readily available to all.
Chapter 2 The traditional CISO job description: The CISO is responsible for overseeing the overall corporate security strategy, security architecture and security function. The scope of the role traditionally covers all implemented security technologies and services, including security applications, perimeter defenses, physical and logical access control, and access management for all employees, contractors and visitors.
Chapter 3 The changing CISO role: The experience and skills that made yesterday’s CISO successful will no longer meet today’s organizational needs. While still very much a technologist, today’s CISO must have excellent communication and presentation skills, be able to understand everything as a process and demonstrate keen business acumen.
Chapter 4 The new CISO’s toolbox: Today’s CISO cannot remain just a master technician, but needs to develop the skills of a leader, facilitator, communicator and an agent of change. Today’s CISO needs to prepare to be a trusted adviser to senior management who can translate information security threats and business risk into terms that stakeholders can relate to and understand the