
richardb8006 | Chief Information Security Officer (CISO) | Module 1 - Introduction & Overview

By: richardb8006 | Related Course: Chief Information Security Officer (CISO) | Published: February 4, 2018 | Modified: February 4, 2018

Module 1 - Why We Need CISOs

This lesson focuses on why we need a CISO and why information security is an executive-level responsibility.

You will learn about the various threats to our data including:

  • Identity theft, which claims over 15 million victims with losses near $50 billion
  • Credit card fraud that results in over $16 billion in losses
  • The breach of over 21 million records of government employees in 2015
  • $18 million in losses to ransomware
  • Millions of dollars in fines due to non-compliance with HIPAA, PCI-DSS, etc.

The lesson discusses the importance of elevating information security to the executive level to provide adequate protection for our data.

The course participant will learn the benefits of “top down management” regarding data security, where senior management supports and provides resources for the security function. You will learn why a “bottom up” management style will ultimately compromise the organization’s data security.

Participants will learn how incorporating security governance into senior management will ultimately create greater compliance, avoid liability for losses, and create greater trust with your customers.

The six outcomes of effective security governance are covered in detail, along with the negative impacts of excessive security. Find out why, if security governance is in place, we will have a better risk management implementation.

Benefits of effective information security governance:

  • Greater likelihood of maintaining compliance
  • Documented efforts of due care and due diligence
  • Increasing predictability and reducing uncertainty of operations
  • Provides a reasonable assurance that critical business decisions are not made on faulty information
  • Improves trust in customer relationships
  • Enhances the reputation of the enterprise
  • Provides accountability for protecting information
  • Assists in effectively managing information security resources

Six outcomes of effective security governance:

  • Strategic alignment – Information security should align directly with business strategy to support organization objectives
  • Risk management – Executing appropriate measures to mitigate risks to an acceptable level
  • Resource optimization – Using information security knowledge and infrastructure efficiently

