Skip to Main Content
Learn for less: Save 10% on high-quality foundation and auditor training. Find out more
The Chief Information Security Officer

The Chief Information Security Officer

SKU: 3353
Authors: It Governance Publishing
Publishers: IT Governance Publishing
Format: PDF
ISBN13: 9781849281836
ISBN10: 1905356137
Pages: 71
Published: 01 Oct 2005
Availability: In stock

This guide explains the changing goals of an information security department and describes the hard and soft skills that a successful CISO requires.

Buy now, pay later! Enjoy the benefits of paying by purchase order with an IT Governance corporate account.  Apply online today or call our service centre team on 00 800 48 484 484.

Price: 12,95 €

Discover the skills you need to be a successful CISO in today’s changing world

The role of the Chief Information Security Officer has evolved enormously in recent years in response to security threats and a challenging business environment. Instead of being primarily a master technician, today’s CISO has to be a trusted advisor to senior management.

The Changing Role of the Information Security Officer

The CISO has overall responsibility for corporate security strategy, but today’s CISO has to be in the business of managing information, not just securing it. The successful CISO needs to have excellent communication and presentation skills, and to demonstrate keen business acumen.

The serious and ever-changing nature of today’s security threats demand a strategic-minded response, and a successful CISO will always be thinking about how to gain business objectives through enabling technology while properly managing risk.

This pocket guide emphasises the importance of a suitable information security management system (ISMS) and the risk management methodolgy that should be at its heart.

Read this pocket guide and …

  • Learn how the role of a CISO has changed.
  • Today’s CISO must be integrated into all aspects of the business and have a full understanding of its strategy and objectives.
  • Understand the importance of a risk management methodology.
  • A good risk management methodology must take into account the special information security needs of the company as well as legal and regulatory requirements.
  • Learn how to establish a successful ISMS.
  • The guide explains how to design and implement an ISMS that is appropriate for the organisation. It also describes the key management system processes that should be included in an ISMS.

Chief Information Security Officers are bombarded with huge challenges every day, from recommending security applications to strategic thinking and business innovation. This guide describes the hard and soft skills that a successful CISO requires: not just a good knowledge of information security, but also attributes such as flexibility and communication skills.

About the author

Barry Kouns

is a security and risk management expert with over 25 years of experience in information security consulting, risk assessment and quality management. Barry formed and operates SQM-Advisors, an information security, risk assessment and IT service management firm that has led eight organisations to ISO/IEC 27001:2005 certification. He is frequently quoted in magazines and news articles on information security and has held the position of Trainer for the British Standards Institute (BSI). He holds a BS in Statistics and an MS in Industrial Engineering Management. Barry has earned the CISSP designation and is a trained ISO/IEC/27001 Lead Auditor and ISMS Implementer, and is ITIL Foundation certified.

Jake Kouns

has an MBA with a concentration in Information Security from James Madison University. He holds a number of certifications including CISSP, CISM, CISA and CGEIT. He is currently Director of Cyber Security and Technology Risks Underwriting for Markel Corporation, a specialty insurance company. He has presented at many well-known security conferences including RSA, CISO Executive Summit, EntNet IEEE GlobeCom, CanSecWest, and SyScan. He is the co-author of Information Technology Risk Management in Enterprise Environments, and has also been interviewed numerous times as an expert in the security industry. Jake is the co-founder, CEO, and CFO of the Open Security Foundation (OSF), a non-profit organisation that oversees the operations of the Open Source Vulnerbility Database ( and DataLossDB.

Customer Reviews