CISOs Aren’t Firefighters – Creating a Clear Security Strategy presented at CISOatlanta 2015

by Christopher Bullock,

Summary : Getting buy-in from the C-suite can be a daunting task for CISOs trying to demonstrate the value of the security organization. To build a strong security roadmap for an organization, Christopher Bullock argues, CISOs need to detail budget needs, map the execution of the plan to well-known and proven standards, and divide the plan into strategic and tactical initiatives that can be understood by the rest of the team. By applying Bullock’s framework of openly shared goals and clearly outlined strategies, CISOs can successfully communicate their vision and execute their security plan, rather than act like firefighters trying to clean up a disaster.