The CISO Job - Getting It, and Keeping It

CISOs must deal with several stakeholders within the organization. These stakeholders range from BOD members, C-Level management, peer compliance stakeholders (e.g. Legal, Privacy Office), vendors, and the IT organization itself.

This session will focus on critical success factors to dealing with this wide array of stakeholders and success case studies.

Specifically, this session will discuss the politics of getting alignment and buy in with the many stakeholders within the organizations such as:
•Board of Directors and C-Level management
•Natural allies such as compliance, privacy, audit, enterprise risk management
•Potential contentious relationships with line or business unit management
•IT organization strategic and tactical delivery goals and objectives

Speakers include:
•Craig Shumard, Principal, Shumard and Associates, LLC, Emeritus CISO, Cigna
•Tom Doughty, VP & CISO,Prudential
•Larry Brock, CISO emeritus, Dupont
•Bob Hillmer, Director, Enterprise Information Security and Directory Services
•Marcus Ranum, CSO, Tenable Network Security

A Politics of Information Security Webcast.

This webcast will focus on how risk tolerance is decided within an organization and the processes and politics of risks assumption. Topics to be covered include:

- How risk tolerance is decided within an organization
-- Informal to formal risk tolerance model
- How and who can assume risk
- Risk assessment and risk assumption linkages
- Competing Drivers
-- Business unit versus enterprise risk

Presenters include:
- Craig Shumard, Principal, Shumard and Associates, retired CISO, Cigna
- Dennis Brixius, VP of risk management and CSO, McGraw Hill
- Catherine Rees, CISO, Dow Jones & Company
- Marcus J. Ranum, CSO, Tenable Network Security

A Politics of Information Security Webcast
Earlier this year, a panel of Chief Security Officers from some of the nation’s highest profile companies met to talk about how to get and keep the CISO job. The response was tremendous – over 1,000 people have participated in the session. But that talk only scratched the surface – our team of panelists has much more information to share. Join us for Part II of the discussion where we’ll dig into some of the questions that didn’t get answered in the initial discussion, and cover more ground on topics like working with senior management.
You'll learn:
How to Get the CISO Job:
- How to deal with senior management
- Establishing governance frameworks to guide your activities
- Advice on balancing tactical vs. strategic efforts
- Positioning yourself as an enabler, not a blocker
- Staying ahead by meeting all important audit and regulatory requirements
Featured Speakers:
- Craig Shumard, Principal, Shumard and Associates, LLC, retired CISO, Cigna
- Marcus Ranum, CSO, Tenable Network Security
- Todd Bearman, CISO, Towers Watson
- Vas Rajan, CISO, ING Direct
- John Masserini, Chief Security Officer of Miami International Holdings and the Miami International Securities Exchange (MIAX)

A Politics of Information Security Webcast

Over the last decade, the Chief Information Security Officer (CISO) has emerged as the job in IT risk management. But for many, it's a high-risk career move. Average tenures in the role remain mired at just a few years. But success is possible — join our expert panel to learn how you can get, and keep, the CISO job.

You'll learn:

How to Get the CISO Job:
- Who gets to the top of the shortlist
- Whether certifications play a role
- How experience in other parts of the organization can help your bid

And Then, How to Keep It:
- How to deal with senior management
- Establishing governance frameworks to guide your activities
- Advice on balancing tactical vs. strategic efforts
- Positioning yourself as an enabler, not a blocker
- Staying ahead by meeting all important audit and regulatory requirements


Featured Speakers:
- Craig Shumard, Principal, Shumard and Associates, LLC, retired CISO, Cigna
- Marcus Ranum, CSO, Tenable Network Security
- Todd Bearman, CISO, Towers Watson