#1 Best Selling Information Security Book by Taylor & Francis in 2019, 2020, 2021 and 2022!

2020 Cybersecurity CANON Hall of Fame Winner!

Todd Fitzgerald, co-author of the ground-breaking (ISC)2 CISO Leadership: Essential Principles for Success, Information Security Governance Simplified: From the Boardroom to the Keyboard, co-author for the E-C Council CISO Body of Knowledge, and contributor to many others including Official (ISC)2 Guide to the CISSP CBK, COBIT 5 for Information Security, and ISACA CSX Cybersecurity Fundamental Certification, is back with this new book incorporating practical experience in leading, building, and sustaining an information security/cybersecurity program.

CISO COMPASS includes personal, pragmatic perspectives and lessons learned of over 75 award-winning CISOs, security leaders, professional association leaders, and cybersecurity standard setters who have fought the tough battle. Todd has also, for the first time, adapted the McKinsey 7S framework (strategy, structure, systems, shared values, staff, skills and style) for organizational effectiveness to the practice of leading cybersecurity to structure the content to ensure comprehensive coverage by the CISO and security leaders to key issues impacting the delivery of the cybersecurity strategy and demonstrate to the Board of Directors due diligence. The insights will assist the security leader to create programs appreciated and supported by the organization, capable of industry/ peer award-winning recognition, enhance cybersecurity maturity, gain confidence by senior management, and avoid pitfalls.

The book is a comprehensive, soup-to-nuts book enabling security leaders to effectively protect information assets and build award-winning programs by covering topics such as developing cybersecurity strategy, emerging trends and technologies, cybersecurity organization structure and reporting models, leveraging current incidents, security control frameworks, risk management, laws and regulations, data protection and privacy, meaningful policies and procedures, multi-generational workforce team dynamics, soft skills, and communicating with the Board of Directors and executive management. The book is valuable to current and future security leaders as a valuable resource and an integral part of any college program for information/ cybersecurity.

section 1|50 pages

The CISO Road Map

chapter Chapter 1|34 pages

CISO Role: Evolution or Revolution?

section 2|78 pages


chapter Chapter 3|35 pages

Developing Strategy

chapter Chapter 4|39 pages

Emerging Technologies and Trends

section 3|52 pages


chapter Chapter 5|38 pages

Cybersecurity Organization Structure

chapter Chapter 6|11 pages

CISO Reporting Models

section 4|128 pages


chapter Chapter 7|36 pages

Leveraging the Incidents of Others

chapter Chapter 8|53 pages

The Security Control Framework Maze

chapter Chapter 9|35 pages

Risk Management Practices

section 5|106 pages

Shared Values

chapter Chapter 10|28 pages

It’s the Law

chapter Chapter 11|52 pages

Data Protection and Privacy Every CISO Must Know

chapter Chapter 12|24 pages

Meaningful Policies and Procedures

section 6|44 pages


chapter Chapter 13|41 pages

Multigenerational Workforce Team Dynamics

section 7|28 pages


chapter Chapter 14|25 pages

CISO Soft Skills

section 8|24 pages


chapter Chapter 15|21 pages

The CISO and the Board of Directors