The serious and ever-changing nature of today’s security threats demand a strategic-minded response, and a successful CISO will always be thinking about how to gain business objectives through enabling technology while properly managing risk. This pocket guide emphasises the importance of a suitable information security management system (ISMS) and the risk management methodolgy that should be at its heart.

• Cover
• Title Page
• Copyright Page
• Foreword
• Who Should Read this Book
• About the Author
• Acknowledgements
• Contents
• Introduction
• Chapter 1: The Nature of the CISO Role
  • The beginning
  • Forever increasing threats
  • Challenges
  • The satisfaction
• Chapter 2: The Traditional CISO Job Description
• Chapter 3: The Changing CISO Role
  • Today’s CISO – enlightened leader
  • Holistic security
• Chapter 4: The New CISO’s Toolbox
  • How do we start the shift?
  • What actions can you take today?
• Chapter 5: Risk Management
  • What does ISO/IEC 27001:2005 have to say about risk management?
  • Risk treatment plans
  • ISO31000:2009: Risk management – principles and guidelines
  • Risk management principles according to ISO31000:2009
  • Risk management – the heart of information security
• Chapter 6: The Information Security Management System
  • Elements of an Information Security Management System
  • Key processes within an Information Security Management System
  • The case for ISO/IEC 27001:2005 certification
• Chapter 7: CISO Survival
  • A solid foundation
  • Your strategy to survive and prosper
• Chapter 8: Summary – You Become What You Think About
  • What do great CISOs think about today?
  • Protecting our greatest assets
  • What will great CISOs think about tomorrow?
  • How do you start thinking about the right things?
• ITG Resources