CISO 2.0 Program
*Updated per 2024
Information Security Management Expert – SECO’s flagship CISO certification course
This program has been updated per 2024. Updates have been integrated in the following sections: ‘Syllabus’, ‘What makes this course Unique’ and ‘Collect your Badge of Honor’. These updates have not just been made following traditional student evaluation forms with suggestions (Yes, we do read them!): They are based on hundreds of hours mentoring CISO’s, reading their problem statements and evaluating strategic business cases that they created, submitted and defended to SECO’s examination board to obtain their CISO- certification. The setup of the program offers unique insights in what’s really on the CISO’s mind, challenges they face, and what their opportunities for improvement are. As such also giving us the opportunity to further adjust the program and share these insights with their CISO peers and future participants.
The CISO 2.0 Program facilitates the growth path towards a Cybersecurity Leader that acts as a partner for business, adding the roles of Leader, Strategist and Change Manager to the Expert role. Developed by a group of renowned security leaders and reviewed by an industry veteran that advises Board Members, the program offers a unique blend of the security-, leadership-, change management- and business skills required from the modern CISO.
What makes this course Unique:
- An incredible group of cyber leaders passionate to share their knowledge and invested in helping to build the next generation of business aligned CISO’s.
- Unique blend of security-, leadership-, change management- and business skills required from the modern CISO.
- Includes topics that you would not expect in a typical security training but that we identified as critical based on extensive experience in mentoring students (E.g. Critical thinking, problem solving, systematic analysis).
- Work in small groups with highly motivated peers: We keep the classes small, and all students in class have done an intake before their registration was made final.
- At this level, only training and consuming Power Points is insufficient: The group sessions are set up with the intention of students to learn from- and work with each other. And all participants walk away from the program with a validated strategic business case that they can implement in their organizations.
- In addition to the group sessions, each student is appointed a mentor that supports them as they are developing their business case during the course of the program.
- Guest lecturers and leading Subject Matter Experts are invited, allowing for a deeper exploration into specific program modules and topics (NEW)
- Strategy use cases as source of inspiration and translating core program concepts into practice (NEW)
- Alumni students presenting the business case that they submitted and defended to SECO’s examination board (NEW)
- Flexible session times accommodate students from different time zones and provide more focused, attention-grabbing learning experiences (NEW)
“I was enrolled in the 2022 global CISO 2.0 course and I experienced outstanding overall professionalism from the onset of the course, all through to its conclusion. I was drawn to the modular and online nature of the course and could easily balance other commitments. Being a student through this course, enabled me to meet other Information Security professionals globally and offered me a sterling networking opportunity to exchange ideas, thoughts, and experience on how to navigate through the cybersecurity landscape. It also offered me the extraordinary opportunity to be mentored and taught by the sheer genius of the cybersecurity world, whose experience and wisdom in the practicalities of the subject matter was immensely valuable. I would highly recommend this course to anyone wanting to enhance their cyber security acumen, and networking opportunities complemented by an academic qualification via an educational institute of outstanding repute.”
Alisha Sarabjeeth, Portfolio Manager Information Security & Strategic Infrastructure at the Mr Price Group (South Africa)
Lies de Wit
Author & Trainer
CISO at Stater
Chris Wauters
Author & Trainer
Security Transition Manager,
Agile & Security Leadership
Koen Maris
Advisory Board
Cyber Security leader
at PwC Luxembourg
Tim Cook
Leadership Trainer
Developer of CIRO, the CISO Maturity Model
Andrea Krush
Author & Trainer
Senior Manager Cybersecurity & Privacy bij Eraneos
David Callebaut
Author & Trainer
CISO Brussels Airlines
Mario Procopio
Trainer
Interim CISO &
Founder at Pro CISO®
Ivan Milenkovic
Trainer
Rob van Os
Author & Trainer
Security Consultant
Creator SOC Maturity Model
Alisha Sarabjeeth
Author & Trainer
CISO at Mr Price Group
At a Glance
Expert level
CISO Certification course – Information Security Management Expert –
Align security with business. The different ways security can be structured in an organization, the impact on the CISO role, mandate and stakeholder influencing strategies.
Identify major flaws in security organization design. Understand the crucial role of Security Operating Models as the bridge between strategy and execution. Practice alignment with value driven strategies and operating models from business and IT.
Govern, align and lead cyber security into an organization. Create strong allies with compliance and assurance to have everything in line with regulatory and legal requirements.
Position the CISO as a trusted strategic advisor. Build a strong information security team and organisation with appropriate funding and executive support.
Lead cyber security vs being lead (as mostly done today). Communication ways, reverse psychology vs direct communication. Create a compelling story instead of denying projects because of security concerns.
Practice effective Risk Management, countervailing powers in an organization, successful implementation of risk management and responsibilities in a 3 lines of defence model. Challenge the 3 lines of defense model with Dynamic Risk Governance Principles.
Practice the impact of agile way of working on the security organization and controls.
Evaluate Cybersecurity Strategy and Road Mapping in a structured approach, specific to your IT Architecture, Risk Profile, Application Landscape, etc. and beyond the frameworks. Practice cybersecurity strategy development as a change management process to develop an implementable information security plan with realistic targets and goals. Define resource planning and budgets. Create a business case.
Manage information security in operations, programs, projects, supply chains, geographical locations, business units and in an agile organization. Learn the art of Strategic Security Operations, how to evaluate and improve SOC Maturity, SOC Capabilities and SOC performance & continuous improvement by defining and measuring Metrics that Matter.
Practice C-Level involvement. Report to the board and external stakeholders. Obtain a seat in the board, at least once or twice a year. Define relational mechanism’s, how to discuss with board members / CEO in an unformal manner.
Evaluate the cyber function in the context of Risk Appetite, the role of digital transformation and Maturity levels in different types of organizations. Evaluate typical CISO Leadership competences and opportunities to grow. Identify your leadership style and create your personal development plan.
Define a problem to solve for your organization. Walk away from the course with a strategic plan and a personal development plan.
What’s included
- Official SECO-Institute course materials and reference literature
- 5 group sessions from 9am-5pm CET OR 10 sessions from 7pm-10pm CET (NEW), spread over a period of 4 months.
- 2-hour introduction session & workshop ‘create your problem statement’.
- 1:1 Mentor Support during and after the program
- Walk away with a validated strategic business case for your organization and a personal development plan with opportunities to grow
- Exam voucher (in this case your ‘exam’ is defending your business case to SECO’s examination board – see the exam section below)
- Alumni Membership with access to SECO’s international CISO Certified Network
Who is this course for?
Typical participants include but are not limited to CISO’s, Information Security Officers, (Cyber-) Security Managers, Security Consultants, Security Architects, Security Operations Managers, Information Technology Risk Managers, Information Technology Governance Managers and Risk Advisories that integrate this course in their high potential talent programs. The program also attracts CIO’s, IT Managers and Cyber Risk Owners from business, adding additional value to group dynamics. At the end of the day, security needs to know more about business….and business more about Security! (do check minimum requirements below)
Minimum Requirements
Participants are expected to have 2 years of experience at the tactical level with a solid understanding of Governance, Risk and are familiar with Maturity Models and Frameworks. Previous trainings could include CISSP, CISM, C|CISO. Equally important, the setup of the program requires a general level of seniority, an open personality and mindset, and the willingness to continuously challenge and improve yourself.
Intake required
The success of the program and your training heavily relies on group dynamics and enabling you to connect, work with and learn from your peers. As such, the bar for admittance is set high, and we want to make sure that students feel comfortable with the setup of the program. All students that are considering joining the training will be invited for an intake before making a registration final (no exceptions!).
NDA Required
What happens in the classroom, stays in the classroom….and beyond! For obvious reasons, all students, mentors and trainers will sign a mutual Non – Disclosure Agreement prior to the course commencement date.
Syllabus
Day 0 – Introduction with all students and trainers
- Introduction trainers
- Introduction students
- Course structure and philosophy
- Examination process explained. Relation between training, homework and your assignment based exam
- Template of the final assignment is presented to students
Day 1 – CISO & The Security Organization
1.1 Security Organization Design
– Definition & Building Blocks
– Major issues: When you get it wrong…
– Security Operating Model: The DNA of your organization
– Security Capabilities in the Operating Model
– Security Governance Models
– Discussion: Governance models flaws
– CISO in- or outside of IT?
– Aligning the security team to overall business objectives
– Business alignment exercise: Aligning with different strategies and value based operating models from business
1.2. CISO Role, Interfaces and Stakeholders
– CISO Roles: Leader, Strategist, Change Manager, Expert
– Discussion: CISO Role in context to CISO Position and Mandate
– Major challenges due to lack of executive support and stakeholder alignment
– CISO interfaces and interactions
– Stakeholder Analysis based on their power, involvement in cyber, approach to cyber and relationships between stakeholders
– Creating a stakeholder analysis model and goals table. Set the stage for your influencing strategy
1.3. CISO Maturity in Leadership
– CISO Leadership in context of the Organization’s Risk Appetite and Maturity
– CIRO Model & NIST
– CIRO Model Components:
1. Different organization types based on their Risk Appetite and Maturity
2. The Cyber Security Function per each level
3. Cultural impact: Challenging-, defining- and shaping the culture
4. Nature of internal relationships, styles of interaction and level of influence of the CISO
5. CISO Leadership competencies required for each level & opportunities to grow
– CISO Leadership Assessment
Exercises:
- Aligning with strategies and value driven operating models from business
- Security Governance Models: Major pitfalls, how to identify and fix them
- CISO Interfaces: Setting the stage for your influencing strategy
- CISO Maturity in Leadership: Identify your leadership style and opportunities to grow
Day 2 – Leadership
2.1. CISO Leadership Theories
– Trait Theories
– Behavorial theories
– Contingency theories
– Power and influence theories
– Ethical leadership
– Transformational leadership
– Agile leadership
2.2. Personal competencies and leadership, KYS
– Know Yourself
– Leadership assessment
– Authenticity, trust and Integrit
– Courage
– Storytelling
2.3. CISO interfaces
– Important CISO interfaces
– Driving change building successful teams
– Driving change through building successful relationships with CISO interfaces
– Stakeholder models and influencing strategies
Exercises:
- Know yourself
- Find your own voice
- Leadership assessment and personal development plan
- Stakeholder models and influencing strategies
Day 3 – Govern, align and organize security
3.1. Business aligned security
– Introduction on business value en business strategy
– Business value strategies
– Business aligned IT and security
– Alignment with IT maturity and existing IT governance
3.2. Use Case: Cybersecurity Strategy & Road Mapping, Alisha Sarabjeeth – CISO Mr. Price
– Definitions & Steps to consider
– Layered Defense
– Hybrid Strategy Development
– Maturity Models: Risks and benefits – TRUE Security Posture
– Visualize: A strategy storyline
– Strategy & Road Map continuous alignment
3.3. Effective risk management
– Need for countervailing power in an organization
– Deep dive on effective risk management processes and risk mitigation
3.4. Security in an agile organization
– Introduction agile way of working
– Agile manifesto
– Lead by example: agile security teams
– Impact agile way of working on security
Exercises:
- Business strategy, IT and security strategy and key governance processes
- Countervailing powers (group discussion)
- Risk mitigation and risk acceptance
- Impact agile way of working on security controls
Day 4 – Information security and risk management strategy
4.1. Cybersecurity as organizational change
Foundational practice of organizational change for an implementable strategy
4.2. Tactics for creating urgency
Know the why
Never waste a good crisis
SWOT 2.0 applied to organization-stakeholder relationship
4.3. Tactics for Identifying and tackling roadblocks
Identifying roadblocks
Tackling roadblocks
– Sources of influence
– CISO addressing friction?
– Personal circles of influence
4.4. Tactics for short-term goals and achievable steps
Articulate your management plan
– Using cyber security maturity models
– Classic Fit-Gap Analysis of a standard
– Communication and KPIs: what is your dashboard?
Breaking the whole down into achievable steps
– Leveraging Agile and LEAN methods for cyber security projects and processes
– Leverage your professionals
– Management by objectives / goal setting theory
Balancing incidents and structural change for organisational impact
4.5. Tactics for keeping up the momentum
Organizational learning cq learning maturity
Using the 3 Lines of Defense
Integrate different work styles for a unified view of cybersecurity via a control framework
Day 5 – Managing Information Security, Evaluation and Reporting to the Board
5.1. Security Operations vs. Security in Operations (part 1)
– SIEM, SOC, SOAR
– SECOPS & IT
– InfoSec in Business Ops
– InfoSec in IoT
– InfosSec in Industrial environments (ISO62443)
5.2. Security Operations vs. Security in Operations (part 2)
– Challenges of InfoSec (Multi-locations, cloud, etc.)
– 3 lines of Defense versus Dynamic Risk Governance
– Breakout rooms: Translate the models into your own organization
5.3. Use Case: Assessing Security Operation Centers, Rob van Os – Strategic SOC Adviser and developer of SOC-CMM model.
– SOC – CMM Maturity Model: Measuring and Improving Maturity and Capabilities
– SOC – CMM use cases
– SOC Target Operating Model
– Measuring and improving SOC performance: Metrics that matter (SOC-CMM Metrics)
– SOC Business Case
6.1. Finance for non-financial people (introduction)
– Public versus Private organizations
– Run cost versus change costs
– Capex vs. Opex
– EBIT vs. EBITDA
– Financial Statement vs. P&L
– Financial Management & KPIs
6.2. Creating a financial plan
– Key Elements
– Common pitfalls
– Aligning stakeholder expectations
– Break-out rooms: Create a high-level financial plan to setup a SOC
7.1. What is on the Board’s mind?
Presenting Information Security:
– Sources of the report
– Ways of bringing information to the board
– When to report and to whom
– How to align with their expectations
– Who are your allies within the Board?!
Collect your badge of honor
Assignment based exam:
Students will walk away from the program with a strategic business case that they can implement in their organizations. During the course of the program, you will work on this business case with the support of your mentor. Your SECO certification is granted based on positive evaluation of both your business case and its defense before SECO’s Examination Board.
Exam Process*:
1. Choose the ‘problem to solve’ for your organization
2. Work on your problem statement and define your research questions
3. Create your strategic business case
4. Submit your problem statement and business case to SECO
5. Defend your business case to the examination board
6. Claim your certification title
* You will be assigned a mentor at the beginning of the program that will support you (1:1 with your business case.