Chief Information Security Officer (CISO) Notes


Module 1 - Introduction & Overview

This lesson will focus on the reasons why we need a CISO and why information security is an executive level responsibility. You will learn about the various threats to our data including: Identity theft, which claims over 15 million victims with loss

Module 2 - Information Security Governance

This lesson will cover information security governance within the role of the CISO. Information security governance is the set of responsibilities and practices implemented by the board and senior management for protecting the C-I-A of information.

Module 3 - Risk Management

This lesson covers the importance of risk management as an ongoing activity. Risks to data security must be monitored constantly to detect if new risks have arisen or if mitigation strategies are no longer effective. Strategies must be in place to

Module 4 - Developing a Security Strategy

In this lesson you will learn about the desired state: what is the vision for all relevant conditions at a particular point in the future? What principles, policies, and standards are needed to get us there? Which well-known frameworks can help u

Module 5 - Policies, Procedures, Standards & Guidelines

This lesson wraps up our section on policy. Instructor Kelly Handerhan will leave you with some practical suggestions that should make your policy writing much more effective and easily understood, which will only enhance compliance. Less is more; d

Module 6 - Information Security Technology

In this lesson we will look at data in transit: data moving from one location to another. Traditionally, protocols haven't been designed with security integrated. Using IPv4 as an example, what is built in to secure IPv4? The answer is nothing.

Module 7 - Incident Management

Eradicate and remediate: Remove malware; Re-image and/or rebuild systems; Restore from media; Restore from backups; Delete/disable accounts; System and network device hardening; Increase log monitoring; Scan systems.
Lessons learned: Debrief incident response team; Docume

Module 8 - Business Continuity & Disaster Recovery

Plan and design development: Now that all the research and planning has been done, this phase is where the actual plan is written. Should address: responsibility, authority, priorities, testing.
Implementation: Plan is often created for an enterprise with i

Module 9 - Conclusion

Module 1: Overview, why do we need a CISO?
Module 2: Information Security Governance
Module 3: Risk management
Module 4: Developing a security strategy
Module 5: Policies procedures standards and guidelines
Module 6: Information Security Technology
Module
