SANS CISO Scorecard v1.2

The document is a CISO scorecard that provides an overview of the key areas of responsibility for a Chief Information Security Officer (CISO). It outlines essential security topics within security leadership, security management, and technology that a CISO should understand, including managing security programs and risks, vulnerability management, and building security capabilities. It also provides maturity models to help structure security programs and teams.


CISO SCORECARD
Version 1.2

SECURITY LEADERSHIP
DO YOU KNOW HOW TO:

TECHNOLOGY

Manage information risk by implementing security capabilities
• Security Program Structure
• Program Frameworks (NIST CSF, ISO 27001)
• Control Frameworks (NIST 800-53, CIS Controls, CMMC)
• Risk Frameworks (NIST 800-39, 800-37, 800-30)
• Threat Frameworks (Kill Chain, MITRE ATT&CK)

Lead modern security initiatives and technologies
• Security Architecture
• Zero Trust Model
• Cloud Security Maturity Model
• Vulnerability Management Maturity Model
• Security Awareness Maturity Model
• Negotiation Strategies
• Metrics Hierarchy

Structure your security program and team
• Roles and Responsibilities
• Security Reporting Relationships
• Guiding Principles
• Three Lines of Defense Model
• How to Prioritize Work
• RACI Matrix

Build business enabling security capabilities
• Product Security
• Mobile Security
• Cloud Security
• Emerging Technologies
• DevSecOps
• Security Due Diligence

STRATEGY

Develop a security strategic plan and roadmap
• Security Roadmap
• SWOT Analysis
• PEST Analysis
• Gap Analysis
• Maturity Models

Get buy-in from all levels of the organization
• Mission and Vision Statements
• Stakeholder Management
• Power/Interest Grid

Craft effective presentations for senior leadership
• WIIFM approach
• Elevator pitch
• Maturity Models
• KPIs and metrics

Align with business objectives
• Security Business Case
• Multi-Year Budget
• SNAP approach for marketing

Respond to legal and regulatory risks
• Conduct critical legal analysis
• Case studies on policy, privacy, digital evidence, contracts, regulatory investigations, and liability
• Contract drafting styles

CULTURE

Create a sustainable cybersecurity culture
• The Culture Factor
• Values Statement

Drive long-term organizational change
• ADKAR Model
• Kotter's 8 Steps
• Satir Model

Improve effectiveness and impact of security initiatives
• Curse of Knowledge
• Kirkpatrick Evaluation Model
• System 1 vs. System 2
• ADDIE Model
• Choice Overload

Lead, motivate, and inspire teams to execute
• Circle of Trust
• Conflict Resolution
• Ambassador Programs
• FILE Feedback Model
• AIDA Model
• Incentive Framework
• ABCs of Delegation

Build a mature security awareness program
• Security Awareness Maturity Model
• Maturity Model Indicators Matrix
• BJ Fogg Behavior Model

SECURITY MANAGEMENT
DO YOU KNOW HOW TO:

VULNERABILITY MANAGEMENT

Build a vulnerability management program
• Asset Management
• Vulnerability Management Governance Model
• Vulnerability scanning architecture and design

Analyze and prioritize vulnerabilities
• CVSS severity scores and ratings
• Leverage asset context
• STIX, TAXII, STAXX
• Root cause analysis

Report and communicate vulnerability data
• Define reporting frequency

Treat and remediate vulnerabilities to manage risk
• PIACT Process
• Automated patch management
• Hardening and configuration guidance and templates

Build relationships and processes to make vulnerability management fun
• Relationship Map
• Define incentives, set goals, hold challenges, reward effort

SECURITY CONTROLS

Implement and automate critical security controls
• Minimum Controls Baselines
• Windows Management Instrumentation (WMI) and Sensors
• PowerShell commands and scripting
• Security Content Automation Protocol (SCAP)
• iPost reporting and data feeds

Measure effectiveness of security controls
• Measures and metrics for the CIS Controls
• Vulnerability scanning
• CIS-CAT to audit configurations
• Red Team exercises & penetration testing
• Root cause analysis

Manage projects, programs, and initiatives to successful completion
• Project Management Hierarchy
• Project Management Information System (PMIS)
• Deming's Plan-Do-Check-Act (PDCA) Cycle
• RACI Matrix
• Project Priority Triangle
• Thomas-Kilmann Conflict Model
• Risk Breakdown Structure (RBS)
• Work Breakdown Structure
• Decision Tree Analysis

Create security policy and procedure
• Policy Pyramid
• Policy voicing
• SMART approach

Build dashboards for security and compliance
• Using spreadsheets as data sources and as visualization tools
• Adding Grafana data sources and building dashboards
• Configuring Graphite and loading data
• Building tactical reports directly from acquired data using pivot tables and graphs

Plan and execute effective audits
• Scoping to cover highest risk areas
• Effective audit reports
• Approved baseline configurations
• Scripting audit tasks

SECURITY OPERATIONS

Build a Security Operations Center (SOC)
• SOC Functional Model
• Collect, Detect, Triage, Investigate, Respond

Lead incident response planning and execution
• RE&CT Framework
• Hardening, Telemetry, Process, and Practice
• Plan activities to exercise the plan and improve security

Develop analysis techniques, playbooks, and detection use cases
• MITRE ATT&CK for use cases
• Sigma and YARA for detections
• Jupyter for data analysis and threat hunting

Create metrics and strategies for SOC improvement
• Metrics vs. KPIs vs. OKRs

Implement training and retention strategies to prevent burnout
• SOC Human Capital Model

SANS SECURITY LEADERSHIP CURRICULUM
For Cyber Leaders of Today and Tomorrow

FORMULA FOR TRANSFORMATIONAL CYBERSECURITY LEADERS: MGT512 + MGT514 + MGT521
FORMULA FOR OPERATIONAL CYBERSECURITY EXECUTIVES: MGT516 + SEC566 + MGT551

MGT512 Security Leadership Essentials for Managers | GSLC (5 days)
Leading security initiatives to manage information risk

MGT516 Managing Security Vulnerabilities: Enterprise and Cloud (5 days)
Building and leading a vulnerability management program

MGT514 Security Strategic Planning, Policy, and Leadership | GSTRT (5 days)
Aligning security initiatives with strategy

SEC566 Implementing and Auditing Security Frameworks and Controls | GCCC (5 days)
Building and auditing Critical Security Controls

MGT521 Leading Cybersecurity Change: Building a Security-Based Culture (5 days)
Leading and aligning security initiatives with culture

MGT551 Building and Leading Security Operations Centers (5 days)
Building and leading Security Operations Centers

Cloud Security Maturity Model: Coming Soon!

sans.org/cybersecurity-leadership
@secleadership
SANS Security Leadership
MGTPS_CISO-SC_v1.2_0422
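The scorecard's "Implement and automate critical security controls" row lists minimum controls baselines, WMI and sensors, PowerShell scripting, and reporting feeds as things a CISO should understand. The script below is an added example, not part of the SANS scorecard or any SANS course material, of how those pieces fit together on one Windows host: a small baseline expressed as data, collectors that read live state through CIM/WMI and built-in cmdlets, and a per-control PASS/FAIL record written as JSON for a reporting pipeline. The five control checks, their IDs, and the CIS Control family labels are assumptions chosen for illustration, not a published SANS or CIS baseline; it assumes Windows PowerShell 5.1 or PowerShell 7 on Windows, run elevated so the firewall, SMB, and local-account cmdlets can query the system.

```powershell
# Added example (not from the SANS CISO Scorecard): automate a minimum-controls
# baseline check with CIM/WMI and PowerShell, then emit a machine-readable feed.
# Baseline entries, IDs and CIS Control family labels below are assumed for illustration.

$Baseline = @(
    @{ Id = 'FW-01'; Control = 'Windows Firewall enabled on all profiles'; Family = 'CIS Control 4'
       Expected = $true
       Actual   = { (Get-NetFirewallProfile | Where-Object { -not $_.Enabled }).Count -eq 0 } },
    @{ Id = 'ACC-01'; Control = 'Built-in Guest account disabled'; Family = 'CIS Control 5'
       Expected = $true
       Actual   = { -not (Get-LocalUser -Name 'Guest' -ErrorAction Stop).Enabled } },
    @{ Id = 'SMB-01'; Control = 'SMBv1 server protocol disabled'; Family = 'CIS Control 4'
       Expected = $true
       Actual   = { (Get-SmbServerConfiguration).EnableSMB1Protocol -eq $false } },
    @{ Id = 'PATCH-01'; Control = 'A hotfix installed within the last 30 days'; Family = 'CIS Control 7'
       Expected = $true
       Actual   = {
           # Get-HotFix is a thin wrapper over the Win32_QuickFixEngineering WMI class.
           $latest = Get-HotFix | Where-Object InstalledOn |
                     Sort-Object InstalledOn -Descending | Select-Object -First 1
           ($null -ne $latest) -and ($latest.InstalledOn -gt (Get-Date).AddDays(-30))
       } },
    @{ Id = 'SVC-01'; Control = 'Remote Registry service not running'; Family = 'CIS Control 4'
       Expected = $true
       Actual   = { (Get-CimInstance -ClassName Win32_Service -Filter "Name='RemoteRegistry'").State -ne 'Running' } }
)

function Test-ControlBaseline {
    # Evaluate each control's collector scriptblock and return one record per control.
    # A collector that throws yields ERROR rather than PASS: an unmeasurable control
    # must never count as satisfied.
    param([Parameter(Mandatory)][array]$Controls)

    foreach ($c in $Controls) {
        $actual = $null; $status = 'ERROR'; $errMsg = $null
        try {
            $actual = & $c.Actual
            $status = if ($actual -eq $c.Expected) { 'PASS' } else { 'FAIL' }
        } catch {
            $errMsg = $_.Exception.Message
        }
        [pscustomobject]@{
            Timestamp = (Get-Date).ToString('o')
            Host      = $env:COMPUTERNAME
            Id        = $c.Id
            Family    = $c.Family
            Control   = $c.Control
            Expected  = $c.Expected
            Actual    = $actual
            Status    = $status
            Error     = $errMsg
        }
    }
}

$results = Test-ControlBaseline -Controls $Baseline

# Human-readable summary for the console.
$results | Format-Table Id, Status, Family, Control -AutoSize

# Machine-readable feed: one JSON document per host per run, the shape a
# dashboard (Grafana, spreadsheet, pivot table) or reporting pipeline can ingest.
$feedPath = Join-Path $env:TEMP ("baseline-{0}.json" -f $env:COMPUTERNAME)
$results | ConvertTo-Json -Depth 3 | Set-Content -Path $feedPath -Encoding UTF8

# Non-zero exit when any control fails or cannot be measured, so a scheduled
# task or CI job can alert on configuration drift instead of silently passing.
if (($results.Status -contains 'FAIL') -or ($results.Status -contains 'ERROR')) { exit 1 }
```

Keeping the baseline as a data structure separate from the evaluation loop is the point: adding a control means adding one hashtable entry, the same records flow to both the console and the feed, and the ERROR state keeps a broken collector (missing module, insufficient privilege) from being reported as compliance. The same structure maps naturally onto SCAP-style content, where the check definition and the evaluated result are likewise distinct artifacts.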
