CISOs and their teams operate against a backdrop of continuous change in the threat
landscape, information security technology, and business conditions. The mission to
protect critical assets across space and time is further complicated by a lack of direct
control over the people and processes that expose the organization to risk through day-
to-day operations.
In-depth research with hundreds of information security leaders revealed
a common thread among the top performers:
Technical skills, while essential, are not enough.
To deliver maximum impact, Information Security must
engage with the business and practice proactive
organizational engagement.
To drive insight and enable action
on these “soft skills,” IANS has
broken proactive organizational
engagement down into a set of
clearly defined, quantifiable
elements we call The 7 Factors
of CISO Impact.
Our CISO Impact framework provides a
structured, action-oriented approach that
allows you to baseline your performance
and measure progress down to the Factor
and sub-Factor levels as you work towards
better proactive organizational
engagement.
First step: take the Diagnostic.
The Diagnostic is an online self-
assessment that measures the current
state of your team’s organizational
engagement. Your personal report
provides you with insight into your team’s
strengths and weaknesses, and allows
you to compare the results to those of
your peers.
As you work to improve your skill sets in
each of the 7 Factors, your Diagnostic
results will reflect your progress.
Then, attend
a CISO Impact
Workshop.
The CISO Impact Workshop is a four-hour
deep dive into one of the 7 Factors of
CISO Impact.
IANS-proprietary worksheets will help you
break down your Factor-specific Diagnostic
results into concrete, step-by-step actions
for improvement.
You’ll experience a new way of thinking
about what you do, and walk away with
insights that will influence the way that you
execute your mission.
A CISO Impact Workshop is a collaborative
hands-on working session.
Wrap-Up: Review lessons learned and discuss how improvement will drive success.
Introductions: Get to know your fellow CISOs.
Workshop Orientation: The IANS facilitator describes the workshop context, components and flow for the day.
Solo Work: Document your team’s skills and processes vs. the workshop Factor.
Presentations & Feedback: Present your workbook writings and receive feedback from your peers.
Research Overview: A discussion of the research and structure of the CISO Impact framework.
Diagnostic: An explanation of how the CISO Impact self-assessment tool works.
What are the 7 Factors? An overview of the individual 7 Factors of CISO Impact, and a look at how they all work together to drive success.
Small Group Discussion: Share ideas and challenges with your small group.
Most business leaders view information
security risk as separate from business
risk. Why? And how can we change this?
Only 7% of CISOs who have taken the CISO Impact
Diagnostic report being in sync with business
leadership regarding information security assets,
processes, and incident response capabilities. What
steps can you take to bring your goals into line with
the strategic goals of the business and convince
business leaders to own information security risk?
At a recent Factor 2 Workshop, we posed the question:
Factor 2:
Get Business Leaders
to Own Information
Security Risk
Participants discussed the challenges …
… and through that discussion, shared
thoughts on how to address the problem.
“If the business signs off
on risk, nobody blinks.
We have to push to
revisit risks periodically.”
“We don’t have a risk
culture so developing a
policy on risk stewardship
isn’t getting much
support.”
“Top management sends
mixed signals about who is
accountable for information
security risk. We’re left on the
hot seat.”
You’ll walk away with strategies for success
in real-world situations. For example,
you’ll learn how to:
•  Work with C-Level executives to tie business leaders’
compensation to reducing security risks.
•  Create competition among business leaders by implementing
and publishing ‘wall of shame’ metrics for information security
compliance.
•  Work on building connections and finding security champions
in other departments in the organization, like Finance or
Legal.

What is an IANS CISO Workshop? Factor 2
