The CISO Perspective: Understand The Importance of The CISO in The Cyber Threat Landscape
- Barry Kouns, Jake Kouns
- IT Governance
The CISO Perspective – Understand the importance of the CISO in the cyber threat landscape
The CISO (chief information security officer) has overall responsibility for corporate security strategy, but today’s CISO also needs to be in the business of managing information, not just securing it.
In its first edition, this book challenged security professionals to recognise that the serious and ever-changing nature of the security threats in 2011 demanded an organisation-wide strategic response, not just an automated reaction. It proposed that it was time for CISOs to transition from security coordinators to evangelists for risk management, while being technology innovators and trusted advisers to senior management.
In this updated edition, the security threat landscape has widened and the broadening of the CISO role has become a mandate for organisational survival. This book challenges and guides information security professionals to think about information security and risk management from the enterprise level, not just from the IT perspective.
Read this book and understand how:
- The CISO’s role can improve an organization’s cyber strategy.
- An enterprise’s view of information security, business continuity, compliance, safety, and physical security is crucial for the success of your organisation’s cyber security defense.
- Soft skills are crucial in order for the CISO to communicate effectively with the Board and other departments in the organisation.
- Standards such as ISO 27001:2022 can help your organisation implement a suitable ISMS (information security management system).
- Risk management is imperative to identify, analyze, evaluate and protect the organization’s assets.
About the Author
Barry Kouns is a security and risk management expert with more than 25 years’ experience in information security consulting, risk assessment and quality management. He formed and operates SQM Advisors, LLC, an information security, risk assessment and IT service management firm that has led numerous organisations to ISO/IEC 27001:2013 certification. Barry co-founded Risk Based Security, Inc., a vulnerability intelligence and data breach analytics organisation that was acquired by Flashpoint in 2022.
Jake Kouns holds a Master of Business Administration with a concentration in information security from James Madison University. He holds a number of certifications including CISSP®, CISM®, CISA®, and CGEIT®. Jake co-founded Risk Based Security, Inc., and is currently the Chief Innovation Officer at Flashpoint. He is well known from his presentations at security conferences including RSA, CISO Executive Summit, EntNet IEEE GLOBECOM, CanSecWest, and SyScan. Jake is also the co-founder of RVAsec, a Richmond, Virginia information security conference that has grown to host more than 500 attendees. He is the co-author of Information Technology Risk Management in Enterprise Environments and has also been interviewed numerous times as an expert in the security industry.
In this Book
The Nature of the CISO Role
The Traditional CISO Job Description
The Changing CISO Role
The New CISO’s Toolbox
The Information Security Management System
Summary – You Become What You Think About