CISO Desk Reference Guide: A Practical Guide for CISOs [Print Replica] Kindle Edition
Top Customer Reviews
From the excellent discussion of the evolving CISO role and how best to embed it in the organization, to fundamentals like data classification and controls, to advice on tools and techniques, the CISO Desk Reference Guide delivers multiple perspectives on the foundations of organizational cybersecurity. I would say this is essential reading for both aspiring and incumbent Chief Information Security Officers. The CISO Desk Reference Guide helps fill a critical gap in the ever-evolving information security common body of knowledge.
I personally found that reading it end-to-end would breeze past far too much valuable information. Reading one topic at a time and the three responses is the perfect way to digest this book. Reflecting on each topic, sometimes I would lean toward what Gary would write vs Bill. Other times I thought Matt provided the most practical response that I could apply myself. Taking the three together ensured that you are exposed to different viewpoints. This is not a textbook: it deals with the real world. No one response is "more right" than the other, but I've found that it has helped shape my own views. This is indeed "giving back" by helping others in similar roles learn from their individual experiences.
I fully expect to be able to use this indeed as a desktop reference: the first chapter is about the role of the CISO and how it fits within a company and what to look for to ensure success of the role. This is instant value when choosing my next job (and in fact evaluating my current one). That alone is well worth the price.
Here's what I specifically liked about the book:
* It gives thoughtful and thorough coverage of the CISO's areas of concern.
* The organization is innovative, which captured my attention.
* The use of questions to inform each chapter is also very likable.
* With each author's voice clearly indicated, it's useful to see three different ways of addressing the questions.
* It's neat how the three author perspectives merge into a single collection of recommendations at the end of each chapter.
* I really like the end of chapter summaries. I almost wish each one appeared at the beginning of the chapter rather than at the end!
After careful review, and a discussion with one of the authors, I have three constructive criticisms:
1. I kept looking for some commentary on what a CISO should do when their great plan is regularly undermined by the regular internal fight for resources; when do you accept a loss and keep going versus starting to polish your resume for the next job?
2. The book doesn't clearly answer this question: Is the CISO's problem space primarily a technology or a managerial one?
3. The next edition should include a new chapter on "CISO Management and Leadership Tools and Strategies". This wouldn't be a debate about which is better (manager versus leader), but a full description of how CISOs need to wield tools from both their manager and leader kits at the appropriate times. Sometimes switching between them as needed in the same conversation depending on the need: Will a rational approach get me closer to my goal, or do I need to be persuasive and enter into the realm of emotions?
My thanks to the authors for their contributions and best of luck!