CHAPTER 65
ROLE OF THE CISO
Karen F. Worstell
65.2.1 Reliance on Digital Information
65.2.2 Inherent Insecurity of Systems
65.3 STRATEGY, GOVERNANCE, AND THE STANDARD OF CARE
65.3.2 Governance and Accountability
65.3.3 Roles and Responsibilities
65.5 RECOMMENDATIONS FOR SUCCESS FOR CISOs
65.5.1 Education and Experience
65.5.2 “Culture” of Security in the Business
65.5.3 Alliance with Corporate and Outside Counsel
65.5.4 Partnership with Internal Audit
65.5.6 Organizational Structure
65.5.7 Responsibilities and Opportunities outside of CISO Internal Responsibilities
65.1 CISO AS CHANGE AGENT.
The title of chief information security officer (CISO) has evolved because of the realization that the function of the chief information officer (CIO) is so broad as to require another person to focus specifically on the security elements of information. Another motivation derives from the fact that the CISO can perform functions that are not usually associated with the CIO. Our approach to information security needs to change in response to the disruptive events affecting the network and the boardroom. CISOs should be the change agents to make this happen. This is a shift from the majority of CISOs' emphasis today as senior managers of information ...
From Computer Security Handbook, Fifth Edition.