The Chief Information Security Officer: Insights, tools and survival skills
By Barry Kouns and Jake Kouns
About this ebook
The serious and ever-changing nature of today’s security threats demands a strategic-minded response, and a successful CISO will always be thinking about how to achieve business objectives through enabling technology while properly managing risk.
This pocket guide emphasises the importance of a suitable information security management system (ISMS) and the risk management methodology that should be at its heart.
Barry Kouns
Barry Kouns is a security and risk management expert with over 25 years of experience in information security consulting, risk assessment and quality management. Barry formed and operates SQM-Advisors, an information security, risk assessment and IT service management firm that has led eight organisations to ISO/IEC 27001:2005 certification. He is frequently quoted in magazines and news articles on information security and has held the position of Trainer for the British Standards Institute (BSI). He holds a BS in Statistics and an MS in Industrial Engineering Management. Barry has earned the CISSP designation, is a trained ISO/IEC 27001 Lead Auditor and ISMS Implementer, and is ITIL Foundation certified.
Book preview
The Chief Information Security Officer - Barry Kouns
INTRODUCTION
This book is divided into eight chapters designed to introduce you to the CISO position by discussing the tools used by the most effective CISOs and how current CISOs can grow with the challenges of the position. A brief description of each chapter follows:
Chapter 1 The nature of the CISO role: The CISO is bombarded with new issues on a daily basis, making it one of the most challenging positions in organizations today. CISOs find themselves held responsible for the protection of the organization’s information, but often reporting to the CIO who is rewarded for making the organization’s information more readily available to all.
Chapter 2 The traditional CISO job description: The CISO is responsible for overseeing the overall corporate security strategy, security architecture and security function. The scope of the role traditionally covers all implemented security technologies and services, including security applications, perimeter defenses, physical and logical access control, and access management for all employees, contractors and visitors.
Chapter 3 The changing CISO role: The experience and skills that made yesterday’s CISO successful will no longer meet today’s organizational needs. While still very much a technologist, today’s CISO must have excellent communication and presentation skills, be able to understand everything as a process and demonstrate keen business acumen.
Chapter 4 The new CISO’s toolbox: Today’s CISO cannot remain just a master technician, but needs to develop the skills of a leader, facilitator, communicator and an agent of change. Today’s CISO needs to prepare to be a trusted adviser to senior management who can translate information security threats and business risk into terms that stakeholders can relate to and understand the