The book takes readers though a series of security and risk discussions based on real-life experiences. While the experience story may not be technical, it will relate specifically to a value or skill critical to being a successful CISO. The core content is organized into ten major chapters, each relating to a "Rule of Information Security" developed through a career of real life experiences. The elements are selected to accelerate the development of CISO skills critical to success. Each segments clearly calls out lessons learned and skills to be developed. The last segment of the book addresses presenting security to senior execs and board members, and provides sample content and materials.

section I|2 pages

Introduction and History

chapter 1|2 pages

Introduction: The Journey

chapter 2|4 pages

Learning from History?

chapter 3|4 pages

My First CISO Lesson: The Squirrel

section II|2 pages

The Rules and Industry Discussion

chapter 4|24 pages

A Weak Foundation Amplifies Risk

chapter 7|18 pages

Know the Enemy, Think Like the Enemy

chapter 8|20 pages

Know the Business, Not Just the Technology

chapter 10|14 pages

Every Organization Must Assume Some Risk

chapter 15|16 pages

NEVER Trust and ALWAYS Verify

section III|2 pages


chapter 16|4 pages

My Best Advice for New CISOs