Saturday, March 23, 2013

7 Key Duties Of CISOs

CISO's Responsibilities 

The CISO's responsibilities would include: 

  1. Overseeing the establishment and maintenance of a security operation that, through automated and continuous monitoring, can detect, contain and mitigate incidents that impair information security and enterprise information systems;
  2. Developing, maintaining and overseeing an enterprise-wide information security program;
  3. Developing, maintaining and overseeing information security policies, procedures and control techniques to address all applicable requirements;
  4. Training and overseeing personnel with significant responsibilities for information security;
  5. Assisting senior agency officials on cybersecurity matters;
  6. Ensuring the enterprise has a sufficient number of trained and security-cleared personnel to assist in complying with cybersecurity law and procedures;
  7. Reporting at least annually to enterprise executives on the effectiveness of the agency information security program; on information derived from automated and continuous monitoring, including threat assessments; and on progress on actions to remediate threats.

CISOs should possess the necessary qualifications, including education, training, experience and the security clearance needed to do the job.
