The First 100 Days as CISO | Info-Tech Research Group

Do not fill in this field

Enter no text in this field

Get Instant Access
to This Blueprint

Business Email

Full Name

Company

Phone

Job Title

Make a good first impression at your new job.
Obtain guidance on how you should approach the first 100 days.
Assess the current state of the security program and recommend areas of improvement and possible solutions.
Develop a high-level security strategy in three months.

Our Advice

Critical Insight

Every CISO needs to follow Info-Tech’s five-step approach to truly succeed in their new position. The meaning and expectations of a CISO role will differ from organization to organization and person to person, however, the approach to the new position will be relatively the same.
Eighty percent of your time will be spent listening. The first 100 days of the CISO role is an information gathering exercise that will involve several conversations with different stakeholders and business divisions. Leverage this collaborative time to understand the business, its internal and external operations, and its people. Unequivocally, active listening will build company trust and help you to build an information security vision that reflects that of the business strategy.
Start “working” before you actually start the job. This involves finding out as much information about the company before officially being an employee. Investigate the company website and leverage available organizational documents and initial discussions to better understand your employer’s leadership, company culture ,and business model.

Impact and Result

Hit the ground running with Info-Tech’s ready-made agenda vetted by CISO professionals to impress your colleagues and superiors.
Gather details needed to understand the organization (i.e. people, process, technology) and determine the current state of the security program.
Track and assess high-level security gaps using Info-Tech’s diagnostic tools and compare yourself to your industry’s vertical using benchmarking data.
Deliver an executive presentation that shows key findings obtained from your security evaluation.

The First 100 Days as CISO Research & Tools

Start here – read the Executive Brief

Read our concise Executive Brief to find out why the first 100 days of being a CISO is a crucial time to be strategic. Review Info-Tech’s methodology and discover our five-step approach to CISO success.

The First 100 Days as CISO – Executive Brief

1. Prepare

Review previous communications to prepare for your first day.

2. Build relationships

Understand how the business operates and develop meaningful relationships with your sphere of influence.

3. Inventory components of the business

Inventory company assets to know what to protect.

4. Assess security posture

Evaluate the security posture of the organization by leveraging Info-Tech’s IT Security diagnostic program.

5. Deliver plan

Communicate your security vision to business stakeholders.

Member Testimonials

After each Info-Tech experience, we ask our members to quantify the real-time savings, monetary impact, and project improvements our research helped them achieve. See our top member experiences for this blueprint and what our clients have to say.

10.0/10

Overall Impact

50

Average Days Saved

Client

Experience

Impact

$ Saved

Days Saved

Testimonial

Tech Data Corporation

Guided Implementation

10/10

N/A

50

The Corporation of the City of Timmins

Guided Implementation

8/10

N/A

N/A

no complaints!

About Info-Tech

Info-Tech Research Group is the world’s fastest-growing information technology research and advisory company, proudly serving over 30,000 IT professionals.

We produce unbiased and highly relevant research to help CIOs and IT leaders make strategic, timely, and well-informed decisions. We partner closely with IT teams to provide everything they need, from actionable tools to analyst guidance, ensuring they deliver measurable results for their organizations.

What Is a Blueprint?

A blueprint is designed to be a roadmap, containing a methodology and the tools and templates you need to solve your IT problems.

Each blueprint can be accompanied by a Guided Implementation that provides you access to our world-class analysts to help you get through the project.

Table of Contents

Need Extra Help?
Speak With An Analyst

Get the help you need in this 4-phase advisory process. You'll receive 6 touchpoints with our researchers, all included in your membership.

Guided Implementation 1: Prepare

Call 1: Prepare before you start.

Guided Implementation 2: Build relationships and inventory components of the business

Call 1: Understand the business.

Guided Implementation 3: Assess security posture

Call 1: Evaluate the business’ security posture using the Info-Tech Diagnostic Program.
Call 2: Review Security Governance and Management Scorecard.
Call 3: Review IT Business Satisfaction and Alignment Report

Guided Implementation 4: Deliver plan

Call 1: Build Executive Deck

Author

Michelle Tran

Contributors

Chris Wolski CISO, Port Houston
Sean Walls, VP & CISO, Visionworks of America
Jon Culter, CISO
Michael Welch, Managing Director, MorganFranklin Strategy
Michalis Kamprianis, CISO, SUSE
Kunal Sehgal, CISO
Dimitrios Stergiou, CISO, Trustly
Baba Gurjeet Bedi, Advisory CISO, Xirocco, Ltd.
3 anonymous company contributors

Search Code: 94051
Last Revised: September 21, 2020

TAGS:

Security Strategy, Security Governance, Security Requirements, CISO checklist, Chief information security officer, Security Manager, IT Director

Visit our IT Cost Optimization Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019