How highly effective CISOs lean forward with proactive risk management

No executive wants to be blindsided by risks, and the role of the CISO is more crucial than ever in preventing that. The most effective CISOs run highly effective, risk-focused security programs and are experts at relating technology, digital, and cyber risks to the business and its initiatives.

Sysdig’s latest blog by Matt Stamper, CIPP/US, CISA, CISM, CRISC, CDPSE, QTE dives into how CISOs can effectively manage and communicate digital and cyber risks within their organizations.

Catch it here to learn how to enhance your organization’s cyber risk management strategy: https://okt.to/huK2CQ hashtag#CISO hashtag#Cybersecurity hashtag#RiskManagement

Protect Your Practice and Protect Your Business

CISO DRG Publishing is proud to announce the publication of two new books in the Small Business Series. These are successor books to Bring Your Own Cyber, originally published in 2020. Protect Your Business: A Small Business Guide to Basic Cybersecurity is written for small businesses and Protect Your Practice: Basic Cybersecurity for Healthcare, Legal and Financial Professionals is tailored specifically to small independent offices is professional services.

The eight chapters in these books teach readers the basics. They use plain language to small owners and independent professionals how to become more secure. They include prudent steps readers can take right away to be more secure and every chapter comes with “Pro Steps” to take it to the next level.

Available for immediate sale, Matt, Gary, and Bill congratulate Bill and David. Good work, guys!

Cyber Crisis Response: Leveraging the SONAR Method to Accelerate Response and Recovery

CISO DRG Publishing is proud to announce the publication of Cyber Crisis Response:  Leveraging the SONAR Method to Accelerate Response and Recovery, by Andrew Gorecki and Christopher Scott.

In Cyber Crisis Response, Andrew and Chris introduce The SONAR Method™, a proven, proprietary framework they developed through years of being on the front line, responding to cyber crises as the unfold. Andrew and Chris have lived in the trenches of crisis response, this book describes many of the common pitfalls and their battle-tested solutions. There is no better way to learn than to do it yourself, but understanding the lessons others have learned is essential to help you prepare.

Crisis response is a complex undertaking that requires the coordination of multiple, often conflicting, activities. No playbook replaces experience and critical thinking. Using The SONAR Method will help any practitioner:

  • Understand how to stabilize an environment during a cyber attack
  • Learn how to organize the team and resources needed to resolve the situation
  • Facilitate negotiations across a wide variety of stakeholders involved in the crisis
  • Discover how to effectively articulate and communicate the situation and resolution to a broad range of stakeholders
  • Develop the specific action plan required to remediate and recover from the incident

With a foreword written by George Kurtz, President/CEO and co-founder of CrowdStrike, Cyber Crisis Response is the essential resource for you to up your game and respond with confidence when the inevitable cyber crisis strikes.

Available for immediate sale, Matt, Gary, and Bill congratulate Andrew and Chris. Well done, gentlemen!

Information Governance Leadership Summit

Information Governance Leadership Summit:
March 30 & 31
San Diego, California

Attendance includes: 2 Workshops, breakfasts, lunches, breaks, 2 signed books & a networking reception

Click here to register!

About the Agenda

Day 1: Drafting Effective IG Policies
Effective Policy Writing has been cited by IG pros in recent research as a top priority and key to successful IG programs. Day One of the 2nd Annual CIGO Association “Information Governance Leadership Summit” will bring together IG leaders from around the world for a deep dive with renowned policy expert Lewis Eisen, author of, “Respectful Policies and Directives: How to Write Rules People Want to Follow.”

Networking Reception

To close the first day, we will hold a Networking Reception at the hotel, with appetizers and an open bar. We want to encourage forming bonds and long-term business relationships to help advance careers, and the field of IG.

Day 2: Privacy Program Management and Info Risk Management

Privacy & Cybersecurity expert, Justine Phillips, Partner at the major law firm DLA Piper, along with Cybersecurity expert Matt Stamper, CIPP/US, CISA, CISM, CRISC, CDPSE, QTE, the “CISO to CISOs” will present a two-part workshop on Privacy Program Management, and Information Risk Management, based on their book, “Data Privacy Program Guide: How to Build a Privacy Program the Inspires Trust.”

We will also have a panel discussion of leading experts in IG and InfoRisk.

Cost: $1495, includes all materials, meals, reception, and breaks.

14 hours of Continuing Education Units approved by CIGO Association

Seating is limited. So register today.

Second edition of Creating a Small Business Cybersecurity Program: A Non-Technical Guide for Small Business Owners.

CISO DRG is pleased to announce publication of the second edition of Creating a Small Business Cybersecurity Program: A Non-Technical Guide for Small Business Owners.

After the first edition of this book was initially published in July 2020, using the CIS Controls® version 7.1, the CIS Controls® underwent a major update to version 8, issued in May 2021. The new version emphasizes the three Implementation Groups and expanded Implementation Group 1 (IG1), which applies primarily to small-to-medium businesses (SMBs). Another change in v.8 is having only 18 primary controls rather than 20. The Controls v.7.1 started with 43 Safeguards for IG1, then through revision, realignment, or incorporation into other Safeguards; IG1 v.8 has 56 Safeguards. These Safeguards are the key to achieving the security objectives identified in the overall CIS Controls®.

This Second Edition has incorporated the v.8 Safeguards into the book’s content, so that small business owners can follow simple, step-by-step approach to implementing these new safeguards in their company. Other changes are also included in the edition to bring the information up-to-date and provide new guidance on best industry practices.