The CISO Journey Life Lessons and Concepts to Accelerate Your Professional Development

The book takes readers though a series of security and risk discussions based on real-life experiences. While the experience story may not be technical, it will relate specifically to a value or skill critical to being a successful CISO. The core content is organized into ten major chapters, each relating to a "Rule of Information Security" developed through a career of real life experiences. The elements are selected to accelerate the development of CISO skills critical to success. Each segments clearly calls out lessons learned and skills to be developed. The last segment of the book addresses presenting security to senior execs and board members, and provides sample content and materials.

The CISO as a Business Partner: Balancing Business Need with Security Need. Serving Executive Management and the Board. Gaining a Seat at the Table. Adding Value While Meeting Security and Regulatory Needs and Mandates. Addressing Issues When Management Objects. Can Your CISO Role Be Viewed as Strategic Value Add. The Ten Rules and How They Impact the Business and Your Career Path: Explaining Security and Risk Issues Clearly and Succinctly. Methods for Implementing Cultural Change to Build Security. Management Expectations vs. Security Policy and How to Resolve Conflicts. Clear, Simple Examples of Implementing Basic Risk Analysis Processes. Developing Clear Key Risk Indicators and Metrics that Yield Business Value. Methods to Build a Clear, Concise Information Security Strategic Plan. Developing the Written Informaiton Security Plan. Talking to Executive Management and the Board and Career Development: Emerging SEC Regulations Require CISO to Brief Board and Provide Education. Dealing with "Shadow IT". Building an Experiential Portfolio to be an Effective CISO. Building Trust with Executive Management. Outsourcing, Co-sourcing, and In-sourcing Keys and Challenges. Maintaining Appropriate Skill Sets and Knowledge within Information Security

Gene Fredriksen, Chief Information Security Officer at PSCU, is responsible for the company’s development of information protection and technology risk programs. Gene has over twenty-five years of information technology experience, with the last twenty focused in information security. In this capacity, he has been heavily involved with all areas of audit and security. Prior to joining PSCU, Gene held the positions of CISO for Tyco International, Principal Consultant for Security and Risk Management Strategies for Burton Group, Vice President of Technology Risk Management and Chief Security Officer for Raymond James Financial and Information Security Manager for American Family Insurance. Gene is a Distinguished Fellow with the GlobalInstitute for Cyber Security and Research, located at the Kennedy Space Center. He is also the Executive Director of the newly formed National Credit Union Information Sharing and Analysis Organization. He was as the Chair of the Security and Risk Assessment Steering Committee for BITS, and served on the R&D committee for the Financial Services Sector Steering Committee of the Department of Homeland Security. Gene is a Distinguished Fellow for the Global Institute for Cyber Security and Research, headquartered at the Kennedy Space Center. Gene is a member of the SC Magazine Editorial Advisory Board and was named one of three finalists for the SC Magazine CISO of the Year Award in 2015. He served as Chair of the St. Petersburg College Information Security Advisory Board and the Howard University Technology Advisory Board. He is a member of multiple advisory boards for universities, organizations, and security product companies. Gene attended the FBI Citizens Academy and maintains a close working relationship with both local and federal law enforcement agencies.