Bill Bonney, Gary Hayslip, and Matt Stamper wrote the CISO Desk Reference Guide as a two-volume foundational reference for CISOs and aspiring CISOs. In July 2023, we published the third edition of the two-volume set. We believe it has endured as a go-to reference for information security professionals because it deftly blends foundational knowledge with the strategic thinking that is required for CISOs to continue to demonstrate C-level value to their organization. With that in mind, we’ll be sharing excerpts from the CISO Desk Reference Guide over the coming months, spaced approximately two weeks apart. This is our way of furthering the dialog within our community and maybe capturing an ah-ha moment now and again.
These articles are posted on LinkedIn and will be stored on our site for reference. Please use the main navigation menu to select from the articles that have been made available to date.
Excerpts
CISO Desk Reference Guide, Volume 1
Ch 1 The Empowered CISO
Ch 2 The Human Element
Ch 3 You will be Judged by Your Policy
Ch 4 To Tell a Story with Metrics Report It
Ch 5 Are Your Board Ready?
Ch 6 Communicating Risk to Senior Leadership
Ch 7 Risks Covered by Cyber Insurance
Ch 8 How Much Risk Do My Third Parties Have?
Ch 9 A Data-Driven Perspective on Cybersecurity
Ch 10 Legislation Is Changing Cybersecurity
CISO Desk Reference Guide, Volume 2
Ch 11 Techniques and More Techniques
Cyber Crisis Response
Cyber Crisis Response Introduction
Section 1 Perception and Reality
Data Privacy Program Guide
Ch 1 Why Privacy Matters – Blurring the Lines
Ch 8 Privacy by Design