The world of cybersecurity is evolving at a rapid pace, and so is the role of the CISO. Twenty years ago, the head of information security started in the networking team, dabbled a bit in the security space, and grew to run the network-centric information security team. Along came Sarbanes-Oxley and PCI-DSS in the early 2000s, and the role began to evolve to include the governance, risk, and compliance functions.
Fast forward a few years, and OWASP launched its Top 10 Web Application Security Vulnerabilities list, and the discipline of Application Security entered the remit of the information security department. Enter the 2010s, and the role of information security evolved to be more strategic to an enterprise, and that head of Information Security was elevated to the Chief Information Security Officer, who is expected to be not only a technologist but also a solid business contributor. What’s next for the role? Physical Security Convergence, Data Governance/Science, Privacy? Only time will tell.
If you are a newly minted CISO or an old veteran with new responsibilities, MassTLC is offering a “CISO” bootcamp for its members. This 6-part program, which launched in May, covers all the current disciplines that are within a “typical” 2018 CISO’s remit. Each class is taught by a senior security executive with the goal of imparting wisdom and best practices that will allow participants to hit the ground running.
The first four sessions—The Business of Security; Infrastructure Security; Governance, Risk and Compliance; AppSec—have already been held, but you can still join us for the remaining sessions:
- Oct 4 – Incident Response Plans/SOC
- Nov 1 – Physical Security
- TBD – Privacy vs. Security
To learn more, contact Sara Fraim: firstname.lastname@example.org or click the link below: