CISO Leadership: Essential Principles for Success ((ISC)2 Press) (Hardcover)

~ Todd Fitzgerald (Author), CISSP Micki Krause (Author)
Key Phrases: business function, security leadership, chief information security officer, Future Issue Impact, Future Technology Issues, Security Councils (more...)

Editorial Reviews

Review

Contemporary information security is a relatively new specialty that continues to evolve. Even newer is the job title "chief information security officer." As a result, those who don the CISO mantle do so without an established playbook.
In CISO Leadership: Essential Principles for Success, a number of experienced and highly successful information security practitioners share their collective experiences—including mistakes. They provide valuable advice for those aspiring to become information security leaders.
A common theme throughout the books 19 chapters is the idea that information security is about more than simply amassing technical knowledge. Rather, it is the combined set of skills that include leadership, team building, communication, risk assessment, and corporate business savvy. Lack of these skills has often resulted in a CISOs premature termination.
The book is divided into three sections all centered on the issue of leadership. Part I is titled "A Leadership Disconnect," while Part II "Leadership Mandate" features chapters on fundamental topics, such as career advancement, security as a business function, business drivers, and more. Part III, "Leadership Evolution," covers business savvy, organizational culture, selling security, and more.
For those with a forward career path in information security, CISO Leadership is a valuable guidebook. The authors "war stories" can help you avoid the bumps as you go down that road. The breadth and depth of the experience of the authors makes this a unique book that you can use to further your information security career.
—Ben Rothke, Security Management

Contemporary information security is a relatively new specialty that continues to evolve. Even newer is the job title "chief information security officer." As a result, those who don the CISO mantle do so without an established playbook.
In CISO Leadership: Essential Principles for Success, a number of experienced and highly successful information security practitioners share their collective experiences—including mistakes. They provide valuable advice for those aspiring to become information security leaders.
A common theme throughout the books 19 chapters is the idea that information security is about more than simply amassing technical knowledge. Rather, it is the combined set of skills that include leadership, team building, communication, risk assessment, and corporate business savvy. Lack of these skills has often resulted in a CISOs premature termination.
The book is divided into three sections all centered on the issue of leadership. Part I is titled "A Leadership Disconnect," while Part II "Leadership Mandate" features chapters on fundamental topics, such as career advancement, security as a business function, business drivers, and more. Part III, "Leadership Evolution," covers business savvy, organizational culture, selling security, and more.
For those with a forward career path in information security, CISO Leadership is a valuable guidebook. The authors "war stories" can help you avoid the bumps as you go down that road. The breadth and depth of the experience of the authors makes this a unique book that you can use to further your information security career.
—Ben Rothke, Security Management

Product Description

Caught in the crosshairs of “Leadership” and “Information Technology”, Information Security professionals are increasingly tapped to operate as business executives. This often puts them on a career path they did not expect, in a field not yet clearly defined. IT training does not usually includemanagerial skills such as leadership, team-building, communication, risk assessment, and corporate business savvy, needed by CISOs. Yet a lack in any of these areas can short circuit a career in information security.

CISO Leadership: Essential Principles for Success captures years of hard knocks, success stories, and yes, failures. This is not a how-to book or a collection of technical data. It does not cover products or technology or provide a recapitulation of the common body of knowledge. The book delineates information needed by security leaders and includes from-the-trenches advice on how to have a successful career in the field.

With a stellar panel of contributors including William H. Murray, Harry Demaio, James Christiansen, Randy Sanovic, Mike Corby, Howard Schmidt, and other thought leaders, the book brings together the collective experience of trail blazers. The authors have learned through experience—been there, done that, have the t-shirt—and yes, the scars. A glance through the contents demonstrates the breadth and depth of coverage, not only in topics included but also in expertise provided by the chapter authors. They are the pioneers, who, while initially making it up as they went along, now provide the next generation of information security professionals with a guide to success.

Product Details

• Hardcover: 312 pages
• Publisher: AUERBACH; 1 edition (December 22, 2007)
• Language: English
• ISBN-10: 0849379431
• ISBN-13: 978-0849379437
• Product Dimensions: 9.2 x 6.2 x 0.9 inches
• Shipping Weight: 1.2 pounds (View shipping rates and policies)
• Average Customer Review: 4.3 out of 5 stars  See all reviews (3 customer reviews)
• Amazon.com Sales Rank: #729,344 in Books (See Bestsellers in Books)

  Popular in this category: (What's this?)

  #37 in

  Books > Business & Investing > Management & Leadership > Risk Assessment

Customer Reviews

Most Helpful Customer Reviews

11 of 11 people found the following review helpful:

4.0 out of 5 stars A good book for the security professional's library, March 21, 2008

By	sb - See all my reviews (REAL NAME)

This reference contains good insight and very practical information for a new security professionals or security professionals with less than 8 years in the field. The authors have and had leading positions in the information security field. I liked the way it was written with the different authors giving their perspective and advice. Very good reference.

10 of 12 people found the following review helpful:

5.0 out of 5 stars An excellent book for the new or seasoned CISO, January 3, 2008

By	BJ "CISSP" - See all my reviews

This book covers some very valuable insights to developing your skills as a new or seasoned CISO as well as into a well rounded one. There is lots of great information provided from some of the leading industry representatives in the field of security worthy of reading. I personally have heard Todd Fitzgerald speak on the topics of security and consider him a superb security advocate and leader in the CISO realm.

4 of 4 people found the following review helpful:

4.0 out of 5 stars Valuable guidebook for the serious information security professional, August 1, 2008

By	Ben Rothke "Author of 'Computer Security: 20 ... (USA) - See all my reviews (TOP 1000 REVIEWER)    (REAL NAME)

Contemporary information security is a relatively new specialty that continues to evolve. Even newer is the job title "chief information security officer." As a result, those who don the CISO mantle do so without an established playbook.

In CISO Leadership: Essential Principles for Success, a number of experienced and highly successful information security practitioners share their collective experiences--including mistakes. They provide valuable advice for those aspiring to become information security leaders.

A common theme throughout the book's 19 chapters is the idea that information security is about more than simply amassing technical knowledge. Rather, it is the combined set of skills that include leadership, team building, communication, risk assessment, and corporate business savvy. Lack of these skills has often resulted in a CISO's premature termination.

The book is divided into three sections all centered on the issue of leadership. Part I is titled "A Leadership Disconnect," while Part II "Leadership Mandate" features chapters on fundamental topics, such as career advancement, security as a business function, business drivers, and more. Part III, "Leadership Evolution," covers business savvy, organizational culture, selling security, and more.

For those with a forward career path in information security, CISO Leadership is a valuable guidebook. The authors' "war stories" can help you avoid the bumps as you go down that road. The breadth and depth of the experience of the authors makes this a unique book that you can use to further your information security career.