#60 - CISO Knowledge Domains Part 2

CISO Tradecraft® - A podcast by CISO Tradecraft® - Mondays


One of the most common questions that we get asked on CISO Tradecraft is what do I need to learn to be a good CISO? After a lot of reflection, CISO Tradecraft put together a Top 10 List of CISO knowledge domains that we believe are the core skills which produce really good CISOs. This episode is a continuation from the previous episode and will go over the 6th-10th knowledge areas.

- Product Security focuses on ensuring developers write secure code.
- Defensive Technologies focuses on creating multiple layers of defenses in an organization to protect against a multitude of attacks.
- Detection & Response Capabilities is about creating mechanisms to identify how attackers might circumvent your organization's defensive technologies.
- Laws, Regulations, & Oversight is about ensuring compliance with appropriate laws and regulations.
- Enabling Technologies is about enabling businesses to create digital transformation.
- Risk Management is about effectively identifying what are the biggest risks to the company, what's the likelihood and magnitude of a potential attack, and how to estimate the cost of remediation.
- Governance is about understanding what technology your organization uses so you can effectively manage it through a process.
- Identity & Access Management is about limiting the scope of an attacker who could cause harm to your organization.
- Business Management & Leadership is an essential skill for executives to lead and influence others.
- Security Culture is about building an organization where the entire company becomes resilient.

https://github.com/cisotradecraft/podcast
