Source: Webroot Threat Blog
Over the last couple of years, I’ve written and spoken regularly about the changing roles of the Chief Information Security Officer (CISO). And what better way to demonstrate the many skills the position requires – from the technical to the managerial – than journaling a day’s work. A CISO has to be the strategic partner his or her company needs to manage risk. So for anyone who may be curious, here’s what a day in the life of a CISO looks like.
Hit the ground running
05:46 – Time to get up. Traffic is pretty heavy driving into work, so I have to leave early. As I rise, I check my phone for new emails. Then I check my calendar… it’s going to be a busy day.
06:42 – I pull into Starbucks. I need my venti Pike and a hot morning bun to help me wake-up for the day. As I wait for my coffee, I’m already thinking about my meetings and reading through emails. I learn that we need to triage an issue with Webroot’s SEIM vendor that prevents Webroot employees from accessing certain URLs.I need to speak with the team about tuning our email gateway to stop flagging certain types of email attachments.
07:27 – After making it to the office, I grab another cup of coffee as I walk to my office to check email and read cybersecurity news articles I’ve flagged.
08:10 – After I finish reading email, I prepare for a meeting with my team at 08:30.
- We’re currently transitioning from one fiscal year to the next, so I want to review with my team what we have budgeted and go over projects that have been funded. I want them to have some context about what we will be working on, what security controls we need to mature and I want each of my team members to volunteer to help manage a project with the project manager.
09:46 – Time for a quick meeting with my Deputy. I work in a satellite office in San Diego, but I’ll be at headquarters in Colorado in a couple weeks, and I want to plan some team meetings.
- As a CISO, it’s important that I mentor my team and spend time one-on-one with its leaders. As the role of cybersecurity has matured, much of we do is now woven throughout the business, and I believe it’s critical that my team develops the skills it needs to relate to non-technical stakeholders.
10:31 – As I put together a 3-year strategic roadmap to help my organization achieve its goals (ISO 27001 and GDPR certification), I seek out another point of view from my CISO mentor. Even I need assistance at times.
- As a CISO, you…
Click here to read more