Read more
Informationen zum Autor Todd Fitzgerald, CISSP, CISA, CISM, CIPM, CIPP/US, CIPP/E, CIPP/C, CGEIT, CRISC, PMP, ISO27000, and ITILv3 certified, is Managing Director, of CISO Spotlight, LLC Todd has built and led multiple Fortune 500/large company information security programs for 20 years across multiple industries, named 2016-17 Chicago CISO of the Year by AITP, ISSA, ISACA, Infragard and SIM, ranked Top 50 Information Security Executive, and Information Security Executive (ISE) Award Finalist, and named Ponemon Institute Fellow. Fitzgerald coauthored with Micki Krause the first professional organization Chief Information Security Officer Book, CISO Leadership: Essential Principles for Success (ISC2 Press, 2008). Todd also authored Information Security Governance Simplified: From the Boardroom to the Keyboard (Auerbach, 2012), and co-authored Certified Chief Information Security Officer Body of Knowledge (E-C Council, 2014), and has contributed to over a dozen others. Fitzgerald has participated in the development of materials for the Official CISSP Exam Study Guide, Information Security Handbook Series, ISACA COBIT 5 for Information Security and ISACA CSX Cybersecurity Fundamentals. Fitzgerald is a top-rated RSA Conference speaker and is frequently called upon to present at international, national and local conferences for Information Systems Audit and Control Association (ISACA), Information Systems security Association (ISSA), Management Information Systems Training Institute (MISTI), COSAC, Centers for Medicare and Medicaid Services, T.E.N., and others. Fitzgerald serves on the HIPAA Collaborative of Wisconsin Board of Directors (2002-present), Milwaukee Area Technical College Security Advisory Board, and University of Wisconsin-La Crosse College of Business Administration Board of Advisors. Prior senior leadership includes SVP, CAO Information Security Northern Trust, Global CISO Grant Thornton International, Ltd, Global CISO ManpowerGroup, Medicare Security Officer/External Audit Oversight WellPoint (now Anthem) Blue Cross Blue Shield-National Government Services, CISO North & Latin America Zeneca/Syngenta and senior Information Technology leadership positions with IMS Health, and American Airlines. Todd earned a B.S. in Business Administration from the University of Wisconsin-La Crosse and Master Business Administration with highest honors from Oklahoma State University. Klappentext #1 Best Selling Information Security Book by Taylor & Francis in 2019, 2020, 2021 and 2022!2020 Cybersecurity CANON Hall of Fame WinnerTodd Fitzgerald, co-author of the ground-breaking (ISC)2 CISO Leadership: Essential Principles for Success, Information Security Governance Simplified: From the Boardroom to the Keyboard, co-author for the E-C Council CISO Body of Knowledge, and contributor to many others including Official (ISC)2 Guide to the CISSP CBK, COBIT 5 for Information Security, and ISACA CSX Cybersecurity Fundamental Certification, is back with this new book incorporating practical experience in leading, building, and sustaining an information security/cybersecurity program.CISO COMPASS includes personal, pragmatic perspectives and lessons learned of over 75 award-winning CISOs, security leaders, professional association leaders, and cybersecurity standard setters who have fought the tough battle. Todd has also, for the first time, adapted the McKinsey 7S framework (strategy, structure, systems, shared values, staff, skills and style) for organizational effectiveness to the practice of leading cybersecurity to structure the content to ensure comprehensive coverage by the CISO and security leaders to key issues impacting the delivery of the cybersecurity strategy and demonstrate to the Board of Directors due diligence. The insights will assist the security leader to create programs appreciated and supported by the organization, capable of industry/ peer award-winning recog...
List of contents
Section 1: THE CISO ROAD MAP 1. CISO Role: Evolution or Revolution? 2. Cybersecurity Leadership and the McKinsey 7-S Framework Section 2: STRATEGY 3. Developing Strategy 4. Emerging Technologies and Trends Section 3: STRUCTURE 5. Cybersecurity Organization Structure 6. CISO Reporting Models Section 4: SYSTEMS 7. Leveraging the Incidents of Others 8. The Security Control Framework Maze 9. Risk Management Practices Section 5: SHARED VALUES 10. It's the Law 11. Data Protection and Privacy Every CISO Must Know 12. Meaningful Policies and Procedures Section 6: STAFF 13. Multigenerational Workforce Team Dynamics Section 7: SKILLS 14. CISO Soft Skills Section 8: STYLE 15. The CISO and the Board of Directors
