Recommended Key Initiative Plan
These 9 initiatives have been found to elicit the most significant measurable impact for professionals in this role.
- 1. Diagnose Security Issues
- 2. Build an Information Security Strategy
- 3. Optimize Security Mitigation Effectiveness
- 4. Consolidate Security Risk Management Solutions
- 5. Develop a Security Incident Management Program
- 6. Build a Security Awareness and Training Program
- 7. Develop and Deploy Security Policies
- 8. Select and Implement a Governance, Risk, and Compliance Solution
- 9. Build a Risk-Based Security Budget
Security Risk, Strategy & Governance
Featured Blueprints
April 19, 2022
The Security Priorities 2022 report identifies what CISOs should be focusing on this year and how to take action.
April 01, 2022
Integrate IT risks into the enterprise risk management (ERM) program to make strategic risk-informed decisions that drive the organization forward ...
April 01, 2022
Managing risk has never been more important. Ensure that your organization has an established and manageable way of governing a process related to ...
December 13, 2021
The sensitivity of data varies significantly, from public information to highly confidential trade secrets. To ensure proper protection, businesses...
October 20, 2021
This blueprint will help you to operationalize your privacy program by guiding you through processes related to determining your current state, dra...
August 10, 2021
Info-Tech has developed an approach to prioritizing the threat areas that are most pressing to your enterprise. Using the MITRE ATT&CK framework, i...
May 27, 2021
A strong security program and privacy framework are fundamental to successful organizations and require a proactive approach that embeds principles...
May 10, 2021
Your security budget is being slashed and you need to find creative ways of securing the environment. You are familiar with Microsoft, but it’s nev...
Resources
Security Technology & Operations
Featured Blueprints
December 03, 2021
Security leaders view modernizing identity security as too daunting and prefer to focus on narrower technology challenges. This limited focus is re...
April 16, 2021
Vulnerabilities will always exist. Addressing these will consume your department’s time and resources, and your efforts will quickly become stale a...
March 12, 2021
Info-Tech has developed an approach to cloud security that is built on the strong foundations of our security strategy model that has been successf...
March 09, 2021
Ransomware has the attention of every executive team. The challenge is translating that attention into specific actions to improve your organizatio...
November 05, 2020
Weak identity and access management (IAM) practices result in considerable risk to the organization because IAM plays a role in most things in IT. ...
October 06, 2020
Info-Tech has developed an approach to cloud security that is built on the strong foundations of our security strategy model that has been successf...
September 18, 2020
Many security leaders put off adding metrics to their program because they don't know where to start or how to assess what is worth measuring.
August 10, 2020
Businesses prioritize speed to market over secure coding and testing practices in the development lifecycle. As a result, vulnerabilities exist nat...