Role of the CISO in enhancing information security governance presented at ITWeb 2014

by Andrew Mpofu

Summary: The presentation aims to outline the discipline in information security governance that the role of the CISO brings to the enterprise, and covers the following:
How the role fits in enterprise governance of information security
Some of the problems experienced when the role is either not present at all or not optimally structured in the information security hierarchy
The typical functions of the CISO
How the CISO enables end-to-end sight of the enterprise, how that enhances optimal risk management, and the positive consequences of that
Recent trends in the realisation of the importance of the CISO role, shown through some high-profile cases where the absence of the role led to security breaches
How the role of the CISO has evolved at an organisation that was hacked
Lessons learnt after the hacking incident