Hire or Develop a World-Class CISO
Find a strategic and security-focused champion for your business.
Onsite Workshop
Without a world-class CISO, your organization can suffer from:
- Wasted resources (human and financial)
- Disconnect between information security priorities and the overall business
- Vulnerabilities and delays in implementing new business processes
- Increased downtime and financial loss following a security incident
A world-class, strategic CISO can provide the following benefits:
- Competitive business advantage through the secure implementation of innovative new business processes
- Improved security posture through improved alignment between security and the organization
- More efficient use of people and resources
- Better communication between CISO and executives / stakeholders
- More proactive and streamlined approach to security
Module 1: Assess Core Competencies and Security Process & Technology Maturity
The Purpose
- Understand the competencies and tasks required of a world-class Chief Information Security Officer (CISO) and which areas should be a priority for your organization.
- Create a high-altitude view of your security process and technology maturity.
Key Benefits Achieved
- Identify the competencies that are most important to your organizational needs.
- Understand current maturity of security processes and technologies, and which areas need remediation.
Activities: | Outputs: | |
---|---|---|
1.1 | CISO Core Competency Evaluation Tool |
|
1.2 | Security Process and Technology Maturity Assessment Tool |
|
1.3 | CISO Stakeholder Power Map Template |
|
1.4 | Security Governance Organizational Structure Template |
|
Module 2: Assess CISO Candidates and Develop a Hiring and Development Strategy for Your New CISO
The Purpose
- Create a plan to hire the new CISO.
- Establish an action plan for this person to remediate organizational security processes and technologies, as well as personal competencies and relationships.
Key Benefits Achieved
- Guide for the CEO/CXO to hire the new CISO and assess personal competencies.
- Plan to remediate the CISO’s personal competency gaps.
- Plan to cultivate CISO’s key stakeholder relationships.
- Plan to remediate security process and technology gaps.
Activities: | Outputs: | |
---|---|---|
2.1 | CISO Core Competency Evaluation Tool |
|
2.2 | CISO Stakeholder Management Strategy Template |
|
2.3 | Security Process and Technology Maturity Assessment Tool |
|
2.4 | CISO Development Plan Template |
|