SlideShare a Scribd company logo

vCIO vCISO - Information Technology and Security Strategy.pptx

Download as PPTX, PDF
A
Art Ocain

At Airiam, I act as Field CISO (vCISO) and Field CIO (vCIO) for clients. Sometimes, I handle both roles. This slide deck is my first meeting with my clients.

Business
1 of 8
vCIO/vCISO IT and Security Strategy Monthly Strategy Meetings by Art Ocain, vCIO/vCISO at Airiam
Understand the business and current IT strategy and cyber strategy Assess & update current IT and security strategy Create & update Information Security Program Create & update Disaster Recovery Plan and Incident Response Plan Develop Technology Roadmap Develop Technology Budget Business Alignment Improve Business Outcomes IT & Security Architectural Design IT Risk Management IT Change Management Ongoing Oversight of IT Initiatives Technical Alignment vCIO Processes vCIO Responsibilities
Strategic Planning IT Strategy
IT Strategic Plan Think: • Immediate Needs • 1 Year Plan • 3 Year Plan • 5 Year Plan 1 Assemble a cross- functional team (IT + Business Leaders) 2 Understand business strategy and objectives 3 Assess current state of IT 4 Identify desired future state 5 Conduct a gap analysis 6 Analyze scenarios and strategic options 7 Define strategic objectives 8 Create roadmap 9 Identify success metrics Success Metrics Roadmap Strategic IT Objectives Desired Future State Current State of IT Business Goals
Strategic Planning Information Security Strategy
Information Security Strategic Plan Think: • Immediate Needs • 1 Year Plan • 3 Year Plan • 5 Year Plan Assemble a cross- functional team (IT + Business Leaders) Understand business strategy and objectives Conduct a risk assessment Identify compliance constraints Select a security framework (NIST CSF, ISO 27001, etc.) Select a security architectural model (zero trust, castle- and-moat, defense- in-depth, etc.) Identify desired future state Conduct a gap analysis Analyze scenarios and strategic options Define strategic objectives Create roadmap Identify success metrics Success Metrics Roadmap Strategic Objectives Desired Future State Framework & Strategy Compliance Req’s Current State of Infosec Business Goals
Cybersecurity Information Security Program
Risk & Vulnerability Management Controls Policies & Plans • Asset Inventory • Risk Assessment • Vulnerability Management • Penetration Testing • User Access/Rights Review • Remediation • Multifactor Authentication • Security Awareness Training • Phishing Simulations • Endpoint Detection & Response • Microsegmentation • Encryption • Access Control • Vendor Due Diligence • Continuous Monitoring • Acceptable Use Policy • Clean Desk & Screen Lock Policy • Data Retention & Destruction Policy • Encryption Policy • Credentials/Password Policy • IT Change Management Policy • Incident Response Plan • Disaster Recovery Plan Information Security Program Governance Strategy & Plan

Recommended

Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterMichael Nickle
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)Ahmad Haghighi
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
 
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityThe Open Group SA
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee TrainingPaige Rasid
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)Ahmed Ayman
 
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...BCM Institute
 

Recommended

Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesKrist Davood - Principal - CIO
 
SOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterSOC presentation- Building a Security Operations Center
SOC presentation- Building a Security Operations CenterMichael Nickle
 
An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)An introduction to SOC (Security Operation Center)
An introduction to SOC (Security Operation Center)Ahmad Haghighi
 
Next-Gen security operation center
Next-Gen security operation centerNext-Gen security operation center
Next-Gen security operation centerMuhammad Sahputra
 
Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityThe Open Group SA
 
Cybersecurity Employee Training
Cybersecurity Employee TrainingCybersecurity Employee Training
Cybersecurity Employee TrainingPaige Rasid
 
Security operation center (SOC)
Security operation center (SOC)Security operation center (SOC)
Security operation center (SOC)Ahmed Ayman
 
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...
Cyber Resilience – Strengthening Cybersecurity Posture & Preparedness by Phil...BCM Institute
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتReZa AdineH
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesGreenway Health
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & BuildSameer Paradia
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023PECB
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation CenterS.E. CTS CERT-GOV-MD
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehReZa AdineH
 
Cyber Security roadmap.pptx
Cyber Security roadmap.pptxCyber Security roadmap.pptx
Cyber Security roadmap.pptxSandeepK707540
 
Building A Security Operations Center
Building A Security Operations CenterBuilding A Security Operations Center
Building A Security Operations CenterSiemplify
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Managementasherad
 
Microsoft Sentinel- a cloud native SIEM & SOAR.pdf
Microsoft Sentinel- a cloud native SIEM & SOAR.pdfMicrosoft Sentinel- a cloud native SIEM & SOAR.pdf
Microsoft Sentinel- a cloud native SIEM & SOAR.pdfKranthi Aragonda
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1Priyanka Aash
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center FundamentalAmir Hossein Zargaran
 
Enterprise Security Architecture Design
Enterprise Security Architecture DesignEnterprise Security Architecture Design
Enterprise Security Architecture DesignPriyanka Aash
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness PresentationCristian Mihai
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity frameworkShriya Rai
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security RoadmapElliott Franklin
 
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckHow To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckSlideTeam
 
SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?Jonathan Sinclair
 
Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEryk Budi Pratama
 
MS IT-strategy.pptx
MS IT-strategy.pptxMS IT-strategy.pptx
MS IT-strategy.pptxMohamed Salama PMP OCP ITIL
 

More Related Content

What's hot

Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتReZa AdineH
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesGreenway Health
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & BuildSameer Paradia
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023PECB
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation CenterS.E. CTS CERT-GOV-MD
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehReZa AdineH
 
Cyber Security roadmap.pptx
Cyber Security roadmap.pptxCyber Security roadmap.pptx
Cyber Security roadmap.pptxSandeepK707540
 
Building A Security Operations Center
Building A Security Operations CenterBuilding A Security Operations Center
Building A Security Operations CenterSiemplify
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Edureka!
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Managementasherad
 
Microsoft Sentinel- a cloud native SIEM & SOAR.pdf
Microsoft Sentinel- a cloud native SIEM & SOAR.pdfMicrosoft Sentinel- a cloud native SIEM & SOAR.pdf
Microsoft Sentinel- a cloud native SIEM & SOAR.pdfKranthi Aragonda
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1Priyanka Aash
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center FundamentalAmir Hossein Zargaran
 
Enterprise Security Architecture Design
Enterprise Security Architecture DesignEnterprise Security Architecture Design
Enterprise Security Architecture DesignPriyanka Aash
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness PresentationCristian Mihai
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity frameworkShriya Rai
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security RoadmapElliott Franklin
 
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckHow To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckSlideTeam
 
SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?Jonathan Sinclair
 

What's hot (20)

Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
 
Roadmap to IT Security Best Practices
Roadmap to IT Security Best PracticesRoadmap to IT Security Best Practices
Roadmap to IT Security Best Practices
 
Security Operation Center - Design & Build
Security Operation Center - Design & BuildSecurity Operation Center - Design & Build
Security Operation Center - Design & Build
 
Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023Cybersecurity trends - What to expect in 2023
Cybersecurity trends - What to expect in 2023
 
Building Security Operation Center
Building Security Operation CenterBuilding Security Operation Center
Building Security Operation Center
 
Effective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza AdinehEffective Security Operation Center - present by Reza Adineh
Effective Security Operation Center - present by Reza Adineh
 
Cyber Security roadmap.pptx
Cyber Security roadmap.pptxCyber Security roadmap.pptx
Cyber Security roadmap.pptx
 
Building A Security Operations Center
Building A Security Operations CenterBuilding A Security Operations Center
Building A Security Operations Center
 
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
Cybersecurity Frameworks | NIST Cybersecurity Framework | Cybersecurity Certi...
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
 
Microsoft Sentinel- a cloud native SIEM & SOAR.pdf
Microsoft Sentinel- a cloud native SIEM & SOAR.pdfMicrosoft Sentinel- a cloud native SIEM & SOAR.pdf
Microsoft Sentinel- a cloud native SIEM & SOAR.pdf
 
SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1SOC Architecture Workshop - Part 1
SOC Architecture Workshop - Part 1
 
Security Operation Center Fundamental
Security Operation Center FundamentalSecurity Operation Center Fundamental
Security Operation Center Fundamental
 
Enterprise Security Architecture Design
Enterprise Security Architecture DesignEnterprise Security Architecture Design
Enterprise Security Architecture Design
 
End User Security Awareness Presentation
End User Security Awareness PresentationEnd User Security Awareness Presentation
End User Security Awareness Presentation
 
NIST cybersecurity framework
NIST cybersecurity frameworkNIST cybersecurity framework
NIST cybersecurity framework
 
Building an effective Information Security Roadmap
Building an effective Information Security RoadmapBuilding an effective Information Security Roadmap
Building an effective Information Security Roadmap
 
How To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete DeckHow To Present Cyber Security To Senior Management Complete Deck
How To Present Cyber Security To Senior Management Complete Deck
 
SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?SOC: Use cases and are we asking the right questions?
SOC: Use cases and are we asking the right questions?
 

Similar to vCIO vCISO - Information Technology and Security Strategy.pptx

Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEryk Budi Pratama
 
Crafting a winning ICT Strategy .pptx
Crafting a winning ICT Strategy .pptxCrafting a winning ICT Strategy .pptx
Crafting a winning ICT Strategy .pptxPeterOwenje1
 
A framework for an organization to use in determining if it needs a ciso
A framework for an organization to use in determining if it needs a cisoA framework for an organization to use in determining if it needs a ciso
A framework for an organization to use in determining if it needs a cisoMax Justice
 
Enterprise Architecture Tools By Eacomposer
Enterprise Architecture Tools By EacomposerEnterprise Architecture Tools By Eacomposer
Enterprise Architecture Tools By Eacomposereacomposer
 
IT Strategic Planning Guide
IT Strategic Planning GuideIT Strategic Planning Guide
IT Strategic Planning GuideMary Patry
 
Project Portfolio Optimization and Governance
Project Portfolio Optimization and GovernanceProject Portfolio Optimization and Governance
Project Portfolio Optimization and GovernanceValue Amplify Consulting
 
Using Technology Transformation Effectively To Improve It Business Alignment
Using Technology Transformation Effectively To Improve It Business AlignmentUsing Technology Transformation Effectively To Improve It Business Alignment
Using Technology Transformation Effectively To Improve It Business AlignmentPritam Dey
 
BI Presentation Nashville CIO Council
BI Presentation Nashville CIO CouncilBI Presentation Nashville CIO Council
BI Presentation Nashville CIO CouncilThomas Danford
 
Gail Gillis Resume vMarch 2015
Gail Gillis Resume vMarch 2015Gail Gillis Resume vMarch 2015
Gail Gillis Resume vMarch 2015Gail Gillis
 
Managing Your IT Portfolio
Managing Your IT PortfolioManaging Your IT Portfolio
Managing Your IT PortfolioBill Wimsatt
 
Ibrahim alamri cv 20199 new
Ibrahim alamri cv 20199 newIbrahim alamri cv 20199 new
Ibrahim alamri cv 20199 newAlamer Omani
 
Togaf – an overview of enterprise architecture
Togaf – an overview of enterprise architectureTogaf – an overview of enterprise architecture
Togaf – an overview of enterprise architectureKhawar Naseem
 

Similar to vCIO vCISO - Information Technology and Security Strategy.pptx (20)

Enterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating ModelEnterprise Cybersecurity: From Strategy to Operating Model
Enterprise Cybersecurity: From Strategy to Operating Model
 
MS IT-strategy.pptx
MS IT-strategy.pptxMS IT-strategy.pptx
MS IT-strategy.pptx
 
unit 3.pptx
unit 3.pptxunit 3.pptx
unit 3.pptx
 
IT Risk Assessments
IT Risk AssessmentsIT Risk Assessments
IT Risk Assessments
 
Crafting a winning ICT Strategy .pptx
Crafting a winning ICT Strategy .pptxCrafting a winning ICT Strategy .pptx
Crafting a winning ICT Strategy .pptx
 
A framework for an organization to use in determining if it needs a ciso
A framework for an organization to use in determining if it needs a cisoA framework for an organization to use in determining if it needs a ciso
A framework for an organization to use in determining if it needs a ciso
 
Enterprise Architecture Tools By Eacomposer
Enterprise Architecture Tools By EacomposerEnterprise Architecture Tools By Eacomposer
Enterprise Architecture Tools By Eacomposer
 
Light Membership
Light MembershipLight Membership
Light Membership
 
IT Strategic Planning Guide
IT Strategic Planning GuideIT Strategic Planning Guide
IT Strategic Planning Guide
 
Building an IT Roadmap (C.Hanckowiak)
Building an IT Roadmap (C.Hanckowiak)Building an IT Roadmap (C.Hanckowiak)
Building an IT Roadmap (C.Hanckowiak)
 
Project Portfolio Optimization and Governance
Project Portfolio Optimization and GovernanceProject Portfolio Optimization and Governance
Project Portfolio Optimization and Governance
 
Using Technology Transformation Effectively To Improve It Business Alignment
Using Technology Transformation Effectively To Improve It Business AlignmentUsing Technology Transformation Effectively To Improve It Business Alignment
Using Technology Transformation Effectively To Improve It Business Alignment
 
BI Presentation Nashville CIO Council
BI Presentation Nashville CIO CouncilBI Presentation Nashville CIO Council
BI Presentation Nashville CIO Council
 
Gail Gillis Resume vMarch 2015
Gail Gillis Resume vMarch 2015Gail Gillis Resume vMarch 2015
Gail Gillis Resume vMarch 2015
 
Managing Your IT Portfolio
Managing Your IT PortfolioManaging Your IT Portfolio
Managing Your IT Portfolio
 
Ibrahim alamri cv 20
Ibrahim alamri cv 20Ibrahim alamri cv 20
Ibrahim alamri cv 20
 
Ibrahim alamri cv
Ibrahim alamri cvIbrahim alamri cv
Ibrahim alamri cv
 
Ibrahim alamri cv 20199 new
Ibrahim alamri cv 20199 newIbrahim alamri cv 20199 new
Ibrahim alamri cv 20199 new
 
CGEIT sertifikacija
CGEIT sertifikacijaCGEIT sertifikacija
CGEIT sertifikacija
 
Togaf – an overview of enterprise architecture
Togaf – an overview of enterprise architectureTogaf – an overview of enterprise architecture
Togaf – an overview of enterprise architecture
 

More from Art Ocain

Applying the MITRE CREF.pptx
Applying the MITRE CREF.pptxApplying the MITRE CREF.pptx
Applying the MITRE CREF.pptxArt Ocain
 
Accidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptx
Accidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptxAccidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptx
Accidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptxArt Ocain
 
Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...
Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...
Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...Art Ocain
 
Cybersecurity for Small Business - Incident Response.pptx
Cybersecurity for Small Business - Incident Response.pptxCybersecurity for Small Business - Incident Response.pptx
Cybersecurity for Small Business - Incident Response.pptxArt Ocain
 
MePush Leadership Fundamentals - Week 5
MePush Leadership Fundamentals - Week 5MePush Leadership Fundamentals - Week 5
MePush Leadership Fundamentals - Week 5Art Ocain
 
MePush Leadership Fundamentals - Week 4
MePush Leadership Fundamentals - Week 4MePush Leadership Fundamentals - Week 4
MePush Leadership Fundamentals - Week 4Art Ocain
 
MePush Leadership Fundamentals - Week 3
MePush Leadership Fundamentals - Week 3MePush Leadership Fundamentals - Week 3
MePush Leadership Fundamentals - Week 3Art Ocain
 
MePush Leadership Fundamentals - Week 2
MePush Leadership Fundamentals - Week 2MePush Leadership Fundamentals - Week 2
MePush Leadership Fundamentals - Week 2Art Ocain
 
Anatomy of a Ransomware Event
Anatomy of a Ransomware EventAnatomy of a Ransomware Event
Anatomy of a Ransomware EventArt Ocain
 
MePush Leadership Fundamentals - Week 1
MePush Leadership Fundamentals - Week 1MePush Leadership Fundamentals - Week 1
MePush Leadership Fundamentals - Week 1Art Ocain
 
Control Your Data: 3 Steps for Data Governance for Work from Home Staff
Control Your Data: 3 Steps for Data Governance for Work from Home StaffControl Your Data: 3 Steps for Data Governance for Work from Home Staff
Control Your Data: 3 Steps for Data Governance for Work from Home StaffArt Ocain
 
Be More Secure than your Competition: MePush Cyber Security for Small Business
Be More Secure than your Competition: MePush Cyber Security for Small BusinessBe More Secure than your Competition: MePush Cyber Security for Small Business
Be More Secure than your Competition: MePush Cyber Security for Small BusinessArt Ocain
 
Internet safety and you
Internet safety and youInternet safety and you
Internet safety and youArt Ocain
 

More from Art Ocain (13)

Applying the MITRE CREF.pptx
Applying the MITRE CREF.pptxApplying the MITRE CREF.pptx
Applying the MITRE CREF.pptx
 
Accidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptx
Accidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptxAccidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptx
Accidental Resiliency - MITRE ResilienCyCon 2022-draft-PRE-MARKETING -grey.pptx
 
Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...
Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...
Accidental Resiliency - Global Resilience Federation (GRF) Business Resilienc...
 
Cybersecurity for Small Business - Incident Response.pptx
Cybersecurity for Small Business - Incident Response.pptxCybersecurity for Small Business - Incident Response.pptx
Cybersecurity for Small Business - Incident Response.pptx
 
MePush Leadership Fundamentals - Week 5
MePush Leadership Fundamentals - Week 5MePush Leadership Fundamentals - Week 5
MePush Leadership Fundamentals - Week 5
 
MePush Leadership Fundamentals - Week 4
MePush Leadership Fundamentals - Week 4MePush Leadership Fundamentals - Week 4
MePush Leadership Fundamentals - Week 4
 
MePush Leadership Fundamentals - Week 3
MePush Leadership Fundamentals - Week 3MePush Leadership Fundamentals - Week 3
MePush Leadership Fundamentals - Week 3
 
MePush Leadership Fundamentals - Week 2
MePush Leadership Fundamentals - Week 2MePush Leadership Fundamentals - Week 2
MePush Leadership Fundamentals - Week 2
 
Anatomy of a Ransomware Event
Anatomy of a Ransomware EventAnatomy of a Ransomware Event
Anatomy of a Ransomware Event
 
MePush Leadership Fundamentals - Week 1
MePush Leadership Fundamentals - Week 1MePush Leadership Fundamentals - Week 1
MePush Leadership Fundamentals - Week 1
 
Control Your Data: 3 Steps for Data Governance for Work from Home Staff
Control Your Data: 3 Steps for Data Governance for Work from Home StaffControl Your Data: 3 Steps for Data Governance for Work from Home Staff
Control Your Data: 3 Steps for Data Governance for Work from Home Staff
 
Be More Secure than your Competition: MePush Cyber Security for Small Business
Be More Secure than your Competition: MePush Cyber Security for Small BusinessBe More Secure than your Competition: MePush Cyber Security for Small Business
Be More Secure than your Competition: MePush Cyber Security for Small Business
 
Internet safety and you
Internet safety and youInternet safety and you
Internet safety and you
 

Recently uploaded

Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessAggregage
 
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCRsoniya singh
 
BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,noida100girls
 
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitHolger Mueller
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfpollardmorgan
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailAriel592675
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppelCorporation
 
Investment analysis and portfolio management
Investment analysis and portfolio managementInvestment analysis and portfolio management
Investment analysis and portfolio managementJunaidKhan750825
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...lizamodels9
 
(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCRsoniya singh
 
NewBase 22 April 2024 Energy News issue - 1718 by Khaled Al Awadi (AutoRe...
NewBase 22 April 2024 Energy News issue - 1718 by Khaled Al Awadi (AutoRe...NewBase 22 April 2024 Energy News issue - 1718 by Khaled Al Awadi (AutoRe...
NewBase 22 April 2024 Energy News issue - 1718 by Khaled Al Awadi (AutoRe...Khaled Al Awadi
 
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfCatalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfOrient Homes
 
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDFCATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDFOrient Homes
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingShawn Pang
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...lizamodels9
 
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
(8264348440) 🔝 Call Girls In Mahipalpur 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Mahipalpur 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Mahipalpur 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Mahipalpur 🔝 Delhi NCRsoniya singh
 
RE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman LeechRE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman LeechNewman George Leech
 

Recently uploaded (20)

Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for Success
 
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
 
BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
BEST Call Girls In BELLMONT HOTEL ✨ 9773824855 ✨ Escorts Service In Delhi Ncr,
 
Progress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst SummitProgress Report - Oracle Database Analyst Summit
Progress Report - Oracle Database Analyst Summit
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
 
Case study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detailCase study on tata clothing brand zudio in detail
Case study on tata clothing brand zudio in detail
 
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation SlidesKeppel Ltd. 1Q 2024 Business Update Presentation Slides
Keppel Ltd. 1Q 2024 Business Update Presentation Slides
 
Investment analysis and portfolio management
Investment analysis and portfolio managementInvestment analysis and portfolio management
Investment analysis and portfolio management
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
 
(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR
 
NewBase 22 April 2024 Energy News issue - 1718 by Khaled Al Awadi (AutoRe...
NewBase 22 April 2024 Energy News issue - 1718 by Khaled Al Awadi (AutoRe...NewBase 22 April 2024 Energy News issue - 1718 by Khaled Al Awadi (AutoRe...
NewBase 22 April 2024 Energy News issue - 1718 by Khaled Al Awadi (AutoRe...
 
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdfCatalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
Catalogue ONG NƯỚC uPVC - HDPE DE NHAT.pdf
 
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDFCATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
 
Best Practices for Implementing an External Recruiting Partnership
Best Practices for Implementing an External Recruiting PartnershipBest Practices for Implementing an External Recruiting Partnership
Best Practices for Implementing an External Recruiting Partnership
 
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth MarketingTech Startup Growth Hacking 101 - Basics on Growth Marketing
Tech Startup Growth Hacking 101 - Basics on Growth Marketing
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
 
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Mehrauli Delhi 💯Call Us 🔝8264348440🔝
 
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCREnjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
 
(8264348440) 🔝 Call Girls In Mahipalpur 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Mahipalpur 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Mahipalpur 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Mahipalpur 🔝 Delhi NCR
 
RE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman LeechRE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman Leech
 

vCIO vCISO - Information Technology and Security Strategy.pptx

  • 1. vCIO/vCISO IT and Security Strategy Monthly Strategy Meetings by Art Ocain, vCIO/vCISO at Airiam
  • 2. Understand the business and current IT strategy and cyber strategy Assess & update current IT and security strategy Create & update Information Security Program Create & update Disaster Recovery Plan and Incident Response Plan Develop Technology Roadmap Develop Technology Budget Business Alignment Improve Business Outcomes IT & Security Architectural Design IT Risk Management IT Change Management Ongoing Oversight of IT Initiatives Technical Alignment vCIO Processes vCIO Responsibilities
  • 4. IT Strategic Plan Think: • Immediate Needs • 1 Year Plan • 3 Year Plan • 5 Year Plan 1 Assemble a cross- functional team (IT + Business Leaders) 2 Understand business strategy and objectives 3 Assess current state of IT 4 Identify desired future state 5 Conduct a gap analysis 6 Analyze scenarios and strategic options 7 Define strategic objectives 8 Create roadmap 9 Identify success metrics Success Metrics Roadmap Strategic IT Objectives Desired Future State Current State of IT Business Goals
  • 6. Information Security Strategic Plan Think: • Immediate Needs • 1 Year Plan • 3 Year Plan • 5 Year Plan Assemble a cross- functional team (IT + Business Leaders) Understand business strategy and objectives Conduct a risk assessment Identify compliance constraints Select a security framework (NIST CSF, ISO 27001, etc.) Select a security architectural model (zero trust, castle- and-moat, defense- in-depth, etc.) Identify desired future state Conduct a gap analysis Analyze scenarios and strategic options Define strategic objectives Create roadmap Identify success metrics Success Metrics Roadmap Strategic Objectives Desired Future State Framework & Strategy Compliance Req’s Current State of Infosec Business Goals
  • 8. Risk & Vulnerability Management Controls Policies & Plans • Asset Inventory • Risk Assessment • Vulnerability Management • Penetration Testing • User Access/Rights Review • Remediation • Multifactor Authentication • Security Awareness Training • Phishing Simulations • Endpoint Detection & Response • Microsegmentation • Encryption • Access Control • Vendor Due Diligence • Continuous Monitoring • Acceptable Use Policy • Clean Desk & Screen Lock Policy • Data Retention & Destruction Policy • Encryption Policy • Credentials/Password Policy • IT Change Management Policy • Incident Response Plan • Disaster Recovery Plan Information Security Program Governance Strategy & Plan