Instructor Kelly Handerhan will list important questions that must be asked if the CISO is to develop an effective security strategy for the organization.

- Does the CISO routinely meet with or brief business management?
- When was the last time top management got involved in security-related decisions?
- How often does top management get involved in progressing security solutions?
- Would people recognize a security incident if they saw one, and what would be their reaction?
- Does management know who is responsible for security?
- Does anyone know how many computers the company owns, and would management know if some went missing?
- Are damage assessment and disaster recovery plans in place?
- Has management identified all information that would violate policy, legal, or regulatory requirements, or cause embarrassment/competitive disadvantage if leaked?

Course participants will learn the numerous pitfalls in developing a security strategy, any of which can compromise your organization's data.

- Overconfidence: in inherent security, your own ability, or the abilities of your team
- Optimism: you believe that "it won't happen to you," and if something does happen, that you can recover
- Anchoring: as a CISO, you're too reliant on past experience or quantitative data
- The status quo: believing it will always be the way it has been
- Mental accounting: being more willing to spend money in one place than another; no direct line to profit
- The herding instinct: for senior managers, the only thing worse than making a huge mistake is being the only one in the industry who makes it
- False consensus: CISOs may overestimate the extent to which others share their views, or only seek out sources that support their views