Top chief information security officer skills needed to get the job.

Get new comments by email
You can cancel email alerts at anytime.
Comments (3)


What are the top 3 traits or skills every chief information security officer must have to excel?

Can you suggest any tips or insights to develop your chief information security officer expertise?

Reply - Report abuse

William Malik in New Canaan, Connecticut

114 months ago

An effective CISO manages three separate but interrelated teams. In many organizations this management is indirect, but a few actually have substantial staffs reporting to the CISO. One team manages access requests, usually through a provisioning tool. this team may be part of the help test. The second team builds and deploys the policy, procedures, security architecture and training materials. This team may reside in an architecture or policy organization. The third team handles cyber security incidents and may go under the name of a CERT or CIRT. These technical specialists usually report through the technical support organization and only come together as a team to train and to handle incidents. In larger organizations with frequent attacks there may be a full time person or team, in most organizations some or all of the CERT may report through other departments in the IT organization.
In addition to managing these three activities, the CISO informs the executive leadership and Board of the firm's risk management portfolio - the set of risks the firm owns and the set of measures in place to mitigate these risks.
For more information, please see my book on corporate information security program design, coming out later this year.
Best regards,
Bill Malik, CISA

- Was this comment helpful?
Reply - Report abuse

wow in Austin, Texas

107 months ago

That was wrong advice. That's not the way many infosec shops are set up. How about eforensics? A pen testing team?

Sell books much?

- Was this comment helpful?
Reply - Report abuse

» Sign in or create an account to comment on this topic.