RE: First day and week as CISO?
- From: "Robertson, Seth (JSC-IM)" <Seth.Robertson-1@xxxxxxxx>
- Date: Mon, 1 Dec 2008 14:24:56 -0600
Conduct a fresh organization-wide risk assessment to determine the
stregths and weaknesses of the information security controls and
practices; the existing security staff probably know a handful of
weaknesses off-hand (sore points which they have previously been
unsuccessful at better securing). There are many benefits: you are able
to present management a fresh understanding of the security posture, you
are able to identify areas which they have de facto already accepted a
risk, whether they know it or not (and if an incident occurs as a result
of the existing security state you have CYA), and you are able to spin
off a justified list of projects to mitigate those risks on the horizon.
-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of cisohelp@xxxxxxxxxxxxxx
Sent: Sunday, November 30, 2008 11:23 AM
To: security-basics@xxxxxxxxxxxxxxxxx
Subject: Re: First day and week as CISO?
throw away wrote:
Scenario....below:
Going to be interviewing soon for a CISO..
One of the questions were going to be asking is the theroy question
firewall's.
What would you do in the first day and week on the job?
The company is multi-million $ company, web based, sites all over the
globe. 100's of users, 100's of servers, and a hell of alot of
Any thoughts?
- References:
- Re: First day and week as CISO?
- From: cisohelp@xxxxxxxxxxxxxx
- Re: First day and week as CISO?
- Prev by Date: Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking
- Next by Date: Re: Creating my own personal Linux distribution for Penetration Testing and White-Hat Hacking
- Previous by thread: Re: First day and week as CISO?
- Next by thread: Re: Re: First day and week as CISO?
- Index(es):
Relevant Pages
|
