The CISO Desk Reference Guide is a two-volume set that provides guidance for assessment (volume 1) and for building a world-class program (volume 2). To help you get a flavor for how we have treated each of the topics in the book, we’ve provided excerpts from each of the 18 chapters of the two-volume set.

The order of the essays in each chapter follows the arc of our authors’ differing backgrounds and perspectives. Bill Bonney’s essays lead off each chapter with a high-level view shaped by his background in the finance industry and the structured governance that comes with working in a highly regulated sector. Matt Stamper’s essays come next; his experience delivering services to many customers simultaneously gives his chapters a highly programmatic approach. Gary Hayslip’s essays close each chapter, and his extensive hands-on experience in the trenches gives the reader a treasure trove of lists and lessons to return to again and again.

The excerpts provide a sample from each author, spread equally across all 18 chapters.

Book 1
Chapter 1 – The CISO
Chapter 2 – Regulatory, Compliance, and Audit
Chapter 3 – How Data and Information Classification Influence the Role of the CISO
Chapter 4 – Third-Party Risk
Chapter 5 – Measurement and Reporting
Chapter 6 – Management and the Board
Chapter 7 – Risk Management and Cyber Liability Insurance
Chapter 8 – Tools and Techniques
Chapter 9 – Security Policy

Book 2
Chapter 10 – Finding Talent and Developing Your Team
Chapter 11 – Cyber Awareness Training: It Takes an Organization
Chapter 12 – Monitoring Your Environment
Chapter 13 – Threat Intelligence
Chapter 14 – Continuity Planning and Your Approach to Backups
Chapter 15 – Incident Response and Communication
Chapter 16 – Recovery and Resuming Operations
Chapter 17 – The Aftermath: Forensics and the Value of Post-Mortem Reviews
Chapter 18 – Building Your Strategic Plan

Copyright © 2016, 2018 CISO DRG JV – All Rights Reserved.