Select regional store:
The Chief Information Security Officer

The Chief Information Security Officer

SKU: 3353
Authors: It Governance Publishing
Publishers: IT Governance Publishing
Format: Adobe eBook
ISBN13: 9781849281836
ISBN10: 1905356137
Pages: 71
Published: 01 Oct 2005
Availability: In stock
Format: Adobe ePub
ISBN13: 9781849281966
Pages: 71
Published: 28 Apr 2011
Availability: Always Available
This guide explains the changing goals of an information security department and describes the hard and soft skills that a successful CISO requires.
Price: $14.95


The Chief Information Security Officer: Insights, tools and survival skills 

Discover the skills you need to be a successful CISO in today’s changing world

The role of the Chief Information Security Officer has evolved enormously in recent years in response to security threats and a challenging business environment. Instead of being primarily a master technician, today’s CISO has to be a trusted advisor to senior management.

The Changing Role of the Information Security Officer

The CISO has overall responsibility for corporate security strategy, but today’s CISO has to be in the business of managing information, not just securing it. The successful CISO needs to have excellent communication and presentation skills, and to demonstrate keen business acumen.

The serious and ever-changing nature of today’s security threats demand a strategic-minded response, and a successful CISO will always be thinking about how to gain business objectives through enabling technology while properly managing risk.

This pocket guide emphasises the importance of a suitable information security management system (ISMS) and the risk management methodolgy that should be at its heart.

Read this pocket guide and …
  • Learn how the role of a CISO has changed.
  • Today’s CISO must be integrated into all aspects of the business and have a full understanding of its strategy and objectives.

  • Understand the importance of a risk management methodology.
  • A good risk management methodology must take into account the special information security needs of the company as well as legal and regulatory requirements.

  • Learn how to establish a successful ISMS.
  • The guide explains how to design and implement an ISMS that is appropriate for the organisation. It also describes the key management system processes that should be included in an ISMS.

Chief Information Security Officers are bombarded with huge challenges every day, from recommending security applications to strategic thinking and business innovation. This guide describes the hard and soft skills that a successful CISO requires: not just a good knowledge of information security, but also attributes such as flexibility and communication skills.

What others are saying about this book…

'...Concise and helpful information for anyone in the CISO role and especially those aspiring for the role.' Mark Arnold 29/07/2013

This guide explains the changing goals of an information security department … buy it now and learn the secrets of being a successful CISO!

About the authors

Barry Kouns is a security and risk management expert with over 25 years of experience in information security consulting, risk assessment and quality management. Barry formed and operates SQM-Advisors, an information security, risk assessment and IT service management firm that has led eight organisations to ISO/IEC 27001:2005 certification. He is frequently quoted in magazines and news articles on information security and has held the position of Trainer for the British Standards Institute (BSI). He holds a BS in Statistics and an MS in Industrial Engineering Management. Barry has earned the CISSP designation and is a trained ISO/IEC/27001 Lead Auditor and ISMS Implementer, and is ITIL Foundation certified.

Jake Kouns has an MBA with a concentration in Information Security from James Madison University. He holds a number of certifications including CISSP, CISM, CISA and CGEIT. He is currently Director of Cyber Security and Technology Risks Underwriting for Markel Corporation, a specialty insurance company. He has presented at many well-known security conferences including RSA, CISO Executive Summit, EntNet IEEE GlobeCom, CanSecWest, and SyScan. He is the co-author of Information Technology Risk Management in Enterprise Environments, and has also been interviewed numerous times as an expert in the security industry. Jake is the co-founder, CEO, and CFO of the Open Security Foundation (OSF), a non-profit organisation that oversees the operations of the Open Source Vulnerbility Database ( and DataLossDB.

Customer Reviews

(0# of Ratings:)
This website uses cookies. View our cookie policy