CISO 2.0 Program

4 months

Information Security Management Expert – SECO’s flagship CISO certification course

The CISO job is no longer just to protect against threats and manage risk; they are now expected to play a crucial role in managing brand perception, employee engagement and the strategic adoption of new technologies driving revenue and further growth. In paradox, the huge paste of digital transformation and scale and complexity of threats has driven Security Leaders to become more business savvy now that security is entering the boardroom level. The growth path towards becoming a Cybersecurity Leader that acts as a partner for business has changed, adding the roles of Leader, Strategist and Change Manager to the existing Expert role. The CISO 2.0 Program was designed based on this evolution: Participants will move from managing towards leading security into the organization, from technical- and risk based- to business aligned security, from adapting to influencing stakeholders and building strong allies, and dive deep into the management side of security, how business works and why and how security is important for it. Developed by a group of renowned security leaders and reviewed by an industry veteran that advises Board Members, the program offers a unique blend of the practical-, leadership-, management- and business skills required from the CISO 2.0. To successfully participate in this course, students should have at least 2 years of experience in coordinating information security at the tactical level. Prior education could include CISSP, CISM, C|CISO, Information Security Practitioner or similar.

Authors & Lead Trainers

Lies Alderlieste-de Wit
Author & Trainer

Global Director cybersecurity governance at Danone

Chris Wauters
Author & Trainer

Security Transition Manager,
Agile & Security Leadership

Koen Maris
Advisory Board

Cyber Security leader
at PwC Luxembourg

Tim Cook
Leadership Trainer

Developer of CIRO, the CISO Maturity Model

Andrea Krush
Author & Trainer

Information Security Manager DAS

David Callebaut
Author & Trainer

CISO Brussels Airlines

At a Glance

Expert level

CISO Certification course – Information Security Management Expert –

5 days

Experienced professionals looking to lead security in a CISO- or similar role. Current CISO’s with a technical background that want to learn more about the business- , leadership- and management side of security.

IT / business / security alignment, the evolution of information security from technology- driven to risk based to business- aligned, the different ways security can be structured in an organization and the impact on the CISO role.

Govern, align and lead cyber security into an organization. Create strong allies with compliance and assurance to have everything in line with regulatory and legal requirements.

Position the CISO as a trusted strategic advisor. Build a strong information security team and organisation with appropriate funding and executive support.

Establish a good relationship with internal and external stakeholders. Lead cyber security vs being lead (as mostly done today). Communication ways, reverse psychology vs direct communication. Create a compelling story instead of denying projects because of security concerns.

Translate strategic information security goals to an information security plan with realistic targets and goals. Define resource planning and budgets. Create a business case.

Manage information security in operations, programs, projects, supply chains,  geographical locations, business units.

Report to the board and external stakeholders.  Obtain a seat in the board, at least once or twice a year. Define relational mechanism’s, how to discuss with board members / CEO in an unformal manner.

Understand the agile organization and agile security.

Syllabus

Day 0 – Introduction with all students and trainers

  • Introduction trainers
  • Introduction students
  • Course structure and philosophy
  • Examination process explained. Relation between training, homework and your assignment based exam
  • Template of the final assignment is presented to students

Day 1 – CISO & The Security Organization

1.1 Security Organization Design
– Definition & Building Blocks
– Major issues: When you get it wrong…
– Security Operating Model: The DNA of your organization
– Security Capabilities in the Operating Model
– Security Governance Models
– Discussion: Governance models flaws
– CISO in- or outside of IT?
– Aligning the security team to overall business objectives
– Business alignment exercise: Aligning with different strategies and value based operating models from business

1.2. CISO Role, Interfaces and Stakeholders
– CISO Roles: Leader, Strategist, Change Manager, Expert
– Discussion: CISO Role in context to CISO Position and Mandate
– Major challenges due to lack of executive support and stakeholder alignment
– CISO interfaces and interactions
– Stakeholder Analysis based on their power, involvement in cyber, approach to cyber and relationships between stakeholders
– Creating a stakeholder analysis model and goals table. Set the stage for your influencing strategy

1.3. CISO Maturity in Leadership
– CISO Leadership in context of the Organization’s Risk Appetite and Maturity
– CIRO Model & NIST
– CIRO Model Components:
1. Different organization types based on their Risk Appetite and Maturity
2. The Cyber Security Function per each level
3. Cultural impact: Challenging-, defining- and shaping the culture
4. Nature of internal relationships, styles of interaction and level of influence of the CISO
5. CISO Leadership competencies required for each level & opportunities to grow
– CISO Leadership Assessment

Exercises:

  • Aligning with strategies and value driven operating models from business
  • Security Governance Models: Major pitfalls, how to identify and fix them
  • CISO Interfaces: Setting the stage for your influencing strategy
  • CISO Maturity in Leadership: Identify your leadership style and opportunities to grow

Day 2 – Leadership

2.1. CISO Leadership Theories
– Trait Theories​
– Behavorial theories​
– Contingency theories​
– Power and influence theories
– Ethical leadership
– Transformational leadership
– Agile leadership

2.2. Personal competencies and leadership, KYS
– Know Yourself
– Leadership assessment
– Authenticity, trust and Integrit
– Courage
– Story telling

2.3. CISO interfaces
– Important CISO interfaces
– Driving change building successful teams
– Driving change through building successful relationships with CISO interfaces
– Stakeholder models and influencing strategies

Exercises:

  • Know yourself
  • Find your own voice
  • Leadership assessment and personal development plan
  • Stakeholder models and influencing strategies

Day 3 – Govern, align and organize security

3.1. Business aligned security
– Introduction on business value en business strategy
– Business value strategies
– Business aligned IT and security
– Alignment with IT maturity and existing IT governance

3.2. Effective risk management
– Need for countervailing power in an organization
– Deep dive on effective risk management processes and risk mitigation

3.3. Security in an agile organization
– Introduction agile way of working
– Agile manifesto
– Lead by example: agile security teams
– Impact agile way of working on security

Exercises:

  • Business strategy, IT and security strategy and key governance processes
  • Countervailing powers (group discussion)
  • Risk mitigation and risk acceptance
  • Impact agile way of working on security controls

Day 4 – Information security and risk management strategy

4.1. Cybersecurity as organizational change
Foundational practice of organizational change for an implementable strategy

4.2. Tactics for creating urgency
Know the why
Never waste a good crisis
SWOT 2.0 applied to organization-stakeholder relationship

4.3. Tactics for Identifying and tackling roadblocks
Identifying roadblocks
Tackling roadblocks
– Sources of influence
– CISO addressing friction?
– Personal circles of influence

4.4. Tactics for short-term goals and achievable steps
Articulate your management plan
– Using cyber security maturity models
– Classic Fit-Gap Analysis of a standard
– Communication and KPIs: what is your dashboard?
Breaking the whole down into achievable steps
– Leveraging Agile and LEAN methods for cyber security projects and processes
– Leverage your professionals
– Management by objectives / goal setting theory
Balancing incidents and structural change  for organisational impact

4.5. Tactics for keeping up the momentum
Organizational learning cq learning maturity
Using the 3 Lines of Defense
Integrate different work styles for a unified view of cybersecurity via a control framework

 

Day 5 – Managing Information Security, Evaluation and Reporting to the Board

5.1. Security Operations vs. Security in Operations (part 1)
– SIEM, SOC, SOAR
– SECOPS & IT
– InfoSec in Business Ops
– InfoSec in IoT
– InfosSec in Industrial environments (ISO62443)

5.2. Security Operations vs. Security in Operations (part 2)
– Challenges of InfoSec (Multi-locations, cloud, etc.)
– 3 lines of Defense versus Dynamic Risk Governance
– Breakout rooms: Translate the models into your own organization

6.1. Finance for non-financial people (introduction)
– Public versus Private organizations
– Run cost versus change costs
– Capex vs. Opex
– EBIT vs. EBITDA
– Financial Statement vs. P&L
– Financial Management & KPIs

6.2. Creating a financial plan
– Key Elements
– Common pitfalls
– Aligning stakeholder expectations
– Break-out rooms: Create a high-level financial plan to setup a SOC

7.1. What is on the Board’s mind?
Presenting Information Security:
– Sources of the report
– Ways of bringing information to the board
– When to report and to whom
– How to align with their expectations
– Who are your allies within the Board?!

Collect your badge of honor

Assignment based exam:
At the beginning of the program, you will receive the template of your final assignment. The goal of this assignment is to assess students’ capabilities to apply course content and practices teached throughout the course. Students must write this document as if this pertains a real time security case or security strategy, preferably applicable to the students own working environment. The case or strategy should ideally bring value to the company student is employed. During the course, separate assignments need to be executed prior to certain lectures and will be discussed during class. These can be integrated into the overall template assignment document. We strongly advise to define your ‘’problem to solve’’ as early as possible as to maximise benefit from class assignments and in this way to minimize workload at the end of the course.

 

Exam Process:
1. Decide your problem to solve for your final assignment early in the program
2. Take the training, make your assignments for each Training Day
3. Integrate the theory and practices into your final assignment
4. Evaluation of your assignment by the board
5. Take the remote online proctor exam with questions related to your assignment
6. Claim your ISME Certification Title
7. Adding work experience: Claim your S-CISO Title

Dates & locations

Online Live

5 days

10am – 5.00pm CET

21 January
18 February
11 March
1, 15 April, 2022

Find a Local Training Partner

Organize a class dedicated for your team