Chief Cyber Security Officer skills and competencies

Published in: Leadership & Management
Comments
  • Thanks Frank!
  • It's a new role that needs to be positioned outside IT to remain objective. It will provide oversight internally, and externally it will act as the organization's company face of CyberSecurity.
  • It's a new role in many organizations. Depending on the current leadership, a skills gap analysis could be facilitated and a professional development plan created to bridge the gap. This is a management role that provides oversight for the CyberSecurity Program. If it's going to be effective then it needs to be positioned outside of IT.
  • Mark. Thanks, but I have a question. Many people want to create a new role, but with your description I think that is a new role in the responsibilities of the CISO, or is it necessary to create a new role?
  • @Asaf Ahmad; mostly based on experience with exposure to systems engineering, network engineering, software engineering, security architecture and a lot of hands-on ISO/IEC 27001 ISMS implementation work. I did validate it to some degree with my CISM, CISSP, CGEIT, CRISC, CISA, SABSA, CNA and PA credentials. I also looked at the CISO structure, but didn't feel that any of these had the requirements like architecture or program management addressed 100%. These latter competencies are very important, based on my own experience, to take security from the drawing board to sustainable reality.

  1. Program Management

The Cyber Security Program will require a leader with specific skills and competencies. To help facilitate the identification, selection and development of Chief Cyber Security Officers to lead this enterprise-wide program, I've developed the following skills and competence matrix.

This information has been shared freely by Mark E.S. Bernard. If you find it useful please acknowledge this contribution. If you would like additional information or assistance with the customization and implementation of a balanced risk management process for your security program then please contact Mark @ 604-349-6557 or mesbernard@gmail.com

Chief Cyber Security Officer

Competency areas: Security Leadership, Security Governance, Security Risk Management, Security Architecture

Competencies (matrix cells, in the order they appear on the slide):

  • Manage Strategic & Tactical Plans
  • Manage Committee ToR
  • Manage RM Policy
  • Oversee Information Arch.
  • Consult on Application Arch.
  • Consult on Technology Arch.
  • Manage Communications
  • Lead Risk Assessment
  • Lead Risk Treatment
  • Manage Risk Registry
  • Manage the Team & Projects
  • Manage Audits
  • Facilitate Decision Points
  • Allocate Resources
  • Allocate Capital
  • Manage Security SLA / OLA
  • Manage Compliance
  • Manage the Budget
  • Lead SIRT
  • Lead Monitoring & Reporting
  • Manage related Docs & Records
  • Facilitate RM Appetite
  • Manage the Roadmap
  • Engage Stakeholders
  • Lead Due Diligence
  • Manage Service Provider Risks
  • Align with Enterprise Risk
  • Manage External Inquiries
  • Facilitate Biz Architecture
  • Manage Vulnerabilities
  • Lead Monitoring & Reporting
  • Lead Investigations
