CIO Scoreboard Overview
redzone-technologies
Transcript of CIO Scoreboard Overview
The CIO Scoreboard: Empowering CIOs through IT Security Strategy and Risk Management
Visualization is the Key
What if in 10 seconds you could explain to the business the current state of your IT Security program…
Visualization is the Key
Board/CEO Reporting Level
Output from this
IT Security & Risk Management Flow
CIO – Opinion Management
Security Vendor HW and SW
Internal &/or External Audit
Internal Staff
Regulator: FFIEC, HIPAA, PCI, etc.
Integrator
Whose Opinion Do you Follow?
Media
Gartner/Think Tank
Language
Security is a Verb and not a Noun
Hustle Curve for Compliance
Transparency
Human Error
50+ Security Domains with Complete Transparency
50+ Security Domains
Risk & Criticality Assignment
Risk Rating
Common Language
Visualization is the Key
Point in Time Analysis
Overview of Process Methodology
Three Stages
1. Risk assignment – actual Technical Security Reality State
2. Criticality assignment – the order in which the business should/needs to do things due to technical fundamentals, true audit issue, actual threat risk
3. Gap review – the technical reality of where you are compared to where you need to be
The CIO Scoreboard allows you to:
• Measure and analyze the current state of IT Security Risk in your company
• Demonstrate and prove IT Security execution
• Develop and show a roadmap of investment needed to fix weaknesses and problems within the enterprise